From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mark Salyzyn Subject: [PATCH v9 1/2] overlayfs: check CAP_DAC_READ_SEARCH before issuing exportfs_decode_fh Date: Fri, 9 Nov 2018 09:29:52 -0800 Message-ID: <20181109172955.49832-1-salyzyn@android.com> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Return-path: Sender: linux-kernel-owner@vger.kernel.org To: linux-kernel@vger.kernel.org Cc: Mark Salyzyn , Miklos Szeredi , Jonathan Corbet , Vivek Goyal , "Eric W . Biederman" , Amir Goldstein , Randy Dunlap , Stephen Smalley , linux-unionfs@vger.kernel.org, linux-doc@vger.kernel.org, kernel-team@android.com List-Id: linux-unionfs@vger.kernel.org Assumption never checked, should fail if the mounter creds are not sufficient. Signed-off-by: Mark Salyzyn Cc: Miklos Szeredi Cc: Jonathan Corbet Cc: Vivek Goyal Cc: Eric W. Biederman Cc: Amir Goldstein Cc: Randy Dunlap Cc: Stephen Smalley Cc: linux-unionfs@vger.kernel.org Cc: linux-doc@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: kernel-team@android.com --- v8 + v9: - rebase v7: - This time for realz v6: - rebase v5: - dependency of "overlayfs: override_creds=off option bypass creator_cred" fs/overlayfs/namei.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c index efd372312ef1..3ac9dc8f6cc0 100644 --- a/fs/overlayfs/namei.c +++ b/fs/overlayfs/namei.c @@ -163,6 +163,9 @@ struct dentry *ovl_decode_real_fh(struct ovl_fh *fh, struct vfsmount *mnt, if (!uuid_equal(&fh->uuid, &mnt->mnt_sb->s_uuid)) return NULL; + if (!capable(CAP_DAC_READ_SEARCH)) + return ERR_PTR(-EPERM); + bytes = (fh->len - offsetof(struct ovl_fh, fid)); real = exportfs_decode_fh(mnt, (struct fid *)fh->fid, bytes >> 2, (int)fh->type, -- 2.19.1.930.g4563a0d9d0-goog