From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg KH <gregkh@linuxfoundation.org>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, Tyler Hicks <tyhicks@canonical.com>,
Dan Carpenter <dan.carpenter@oracle.com>
Subject: [ 47/68] eCryptfs: Properly check for O_RDONLY flag before doing privileged open
Date: Thu, 12 Jul 2012 16:02:21 -0700 [thread overview]
Message-ID: <20120712175039.602715483@linuxfoundation.org> (raw)
In-Reply-To: <20120712175035.530652872@linuxfoundation.org>
From: Greg KH <gregkh@linuxfoundation.org>
3.0-stable review patch. If anyone has any objections, please let me know.
------------------
From: Tyler Hicks <tyhicks@canonical.com>
commit 9fe79d7600497ed8a95c3981cbe5b73ab98222f0 upstream.
If the first attempt at opening the lower file read/write fails,
eCryptfs will retry using a privileged kthread. However, the privileged
retry should not happen if the lower file's inode is read-only because a
read/write open will still be unsuccessful.
The check for determining if the open should be retried was intended to
be based on the access mode of the lower file's open flags being
O_RDONLY, but the check was incorrectly performed. This would cause the
open to be retried by the privileged kthread, resulting in a second
failed open of the lower file. This patch corrects the check to
determine if the open request should be handled by the privileged
kthread.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ecryptfs/kthread.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/fs/ecryptfs/kthread.c
+++ b/fs/ecryptfs/kthread.c
@@ -149,7 +149,7 @@ int ecryptfs_privileged_open(struct file
(*lower_file) = dentry_open(lower_dentry, lower_mnt, flags, cred);
if (!IS_ERR(*lower_file))
goto out;
- if (flags & O_RDONLY) {
+ if ((flags & O_ACCMODE) == O_RDONLY) {
rc = PTR_ERR((*lower_file));
goto out;
}
next prev parent reply other threads:[~2012-07-12 23:12 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-07-12 17:50 [ 00/68] 3.0.37-stable review Greg KH
2012-07-12 23:01 ` [ 01/68] ALSA: hda - Add Realtek ALC280 codec support Greg Kroah-Hartman
2012-07-12 23:01 ` [ 02/68] powerpc/xmon: Use cpumask iterator to avoid warning Greg Kroah-Hartman
2012-07-12 23:01 ` [ 03/68] media: smsusb: add autodetection support for USB ID 2040:f5a0 Greg Kroah-Hartman
2012-07-12 23:01 ` [ 04/68] ARM: fix rcu stalls on SMP platforms Greg Kroah-Hartman
2012-07-12 23:01 ` [ 05/68] net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() Greg Kroah-Hartman
2012-07-12 23:01 ` [ 06/68] cipso: handle CIPSO options correctly when NetLabel is disabled Greg Kroah-Hartman
2012-07-12 23:01 ` [ 07/68] net: l2tp_eth: fix kernel panic on rmmod l2tp_eth Greg Kroah-Hartman
2012-07-12 23:01 ` [ 08/68] dummy: fix rcu_sched self-detected stalls Greg Kroah-Hartman
2012-07-13 14:09 ` Herton Ronaldo Krzesinski
2012-07-16 15:46 ` Greg Kroah-Hartman
2012-07-12 23:01 ` [ 09/68] ethtool: allow ETHTOOL_GSSET_INFO for users Greg Kroah-Hartman
2012-07-12 23:01 ` [ 10/68] bridge: Assign rtnl_link_ops to bridge devices created via ioctl (v2) Greg Kroah-Hartman
2012-07-12 23:01 ` [ 11/68] bonding: Fix corrupted queue_mapping Greg Kroah-Hartman
2012-07-12 23:01 ` [ 12/68] ipv6: Move ipv6 proc file registration to end of init order Greg Kroah-Hartman
2012-07-12 23:01 ` [ 13/68] sky2: fix checksum bit management on some chips Greg Kroah-Hartman
2012-07-12 23:01 ` [ 14/68] be2net: fix a race in be_xmit() Greg Kroah-Hartman
2012-07-12 23:01 ` [ 15/68] netpoll: fix netpoll_send_udp() bugs Greg Kroah-Hartman
2012-07-12 23:01 ` [ 16/68] hwmon: (applesmc) Limit key length in warning messages Greg Kroah-Hartman
2012-07-12 23:01 ` [ 17/68] nilfs2: ensure proper cache clearing for gc-inodes Greg Kroah-Hartman
2012-07-12 23:01 ` [ 18/68] udf: Use ret instead of abusing i in udf_load_logicalvol() Greg Kroah-Hartman
2012-07-12 23:01 ` [ 19/68] udf: Avoid run away loop when partition table length is corrupted Greg Kroah-Hartman
2012-07-12 23:01 ` [ 20/68] udf: Fortify loading of sparing table Greg Kroah-Hartman
2012-07-12 23:01 ` [ 21/68] ath9k: Fix softlockup in AR9485 Greg Kroah-Hartman
2012-07-12 23:01 ` [ 22/68] ath9k_hw: avoid possible infinite loop in ar9003_get_pll_sqsum_dvc Greg Kroah-Hartman
2012-07-13 1:38 ` Herton Ronaldo Krzesinski
2012-07-13 1:49 ` Greg Kroah-Hartman
2012-07-12 23:01 ` [ 23/68] ath9k: enable serialize_regmode for non-PCIE AR9287 Greg Kroah-Hartman
2012-07-12 23:01 ` [ 24/68] ASoC: tlv320aic3x: Fix codec pll configure bug Greg Kroah-Hartman
2012-07-12 23:01 ` [ 25/68] Btrfs: run delayed directory updates during log replay Greg Kroah-Hartman
2012-07-12 23:02 ` [ 26/68] drm/edid: dont return stack garbage from supports_rb Greg Kroah-Hartman
2012-07-12 23:02 ` [ 27/68] drm/nouveau/fbcon: using nv_two_heads is not a good idea Greg Kroah-Hartman
2012-07-12 23:02 ` [ 28/68] drm/i915: Fix eDP blank screen after S3 resume on HP desktops Greg Kroah-Hartman
2012-07-12 23:02 ` [ 29/68] acpi_pad: fix power_saving thread deadlock Greg Kroah-Hartman
2012-07-12 23:02 ` [ 30/68] ACPI: Add a quirk for "AMILO PRO V2030" to ignore the timer overriding Greg Kroah-Hartman
2012-07-12 23:02 ` [ 31/68] ACPI, x86: fix Dell M6600 ACPI reboot regression via DMI Greg Kroah-Hartman
2012-07-12 23:02 ` [ 32/68] ACPI sysfs.c strlen fix Greg Kroah-Hartman
2012-07-12 23:02 ` [ 33/68] stable: Allow merging of backports for serious user-visible performance issues Greg Kroah-Hartman
2012-07-12 23:02 ` [ 34/68] USB: option: add id for Cellient MEN-200 Greg Kroah-Hartman
2012-07-12 23:02 ` [ 35/68] USB: option: Add USB ID for Novatel Ovation MC551 Greg Kroah-Hartman
2012-07-12 23:02 ` [ 36/68] USB: CP210x Add 10 Device IDs Greg Kroah-Hartman
2012-07-12 23:02 ` [ 37/68] cfg80211: fix potential deadlock in regulatory Greg Kroah-Hartman
2012-07-12 23:02 ` [ 38/68] can: c_can: precedence error in c_can_chip_config() Greg Kroah-Hartman
2012-07-12 23:02 ` [ 39/68] oprofile: perf: use NR_CPUS instead or nr_cpumask_bits for static array Greg Kroah-Hartman
2012-07-12 23:02 ` [ 40/68] mac80211: correct behaviour on unrecognised action frames Greg Kroah-Hartman
2012-07-12 23:02 ` [ 41/68] mwifiex: fix 11n rx packet drop issue Greg Kroah-Hartman
2012-07-12 23:02 ` [ 42/68] vfs: make O_PATH file descriptors usable for fchdir() Greg Kroah-Hartman
2012-07-12 22:40 ` ольга крыжановская
2012-07-12 23:02 ` [ 43/68] mtd: cafe_nand: fix an & vs | mistake Greg Kroah-Hartman
2012-07-12 23:02 ` [ 44/68] tcm_fc: Resolve suspicious RCU usage warnings Greg Kroah-Hartman
2012-07-12 23:02 ` [ 45/68] eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files Greg Kroah-Hartman
2012-07-12 23:02 ` [ 46/68] eCryptfs: Fix lockdep warning in miscdev operations Greg Kroah-Hartman
2012-07-12 23:02 ` Greg Kroah-Hartman [this message]
2012-07-12 23:02 ` [ 48/68] USB: cdc-wdm: fix lockup on error in wdm_read Greg Kroah-Hartman
2012-07-12 23:02 ` [ 49/68] USB: option: add ZTE MF60 Greg Kroah-Hartman
2012-07-12 23:02 ` [ 50/68] USB: option: Add MEDIATEK product ids Greg Kroah-Hartman
2012-07-12 23:02 ` [ 51/68] PCI: EHCI: fix crash during suspend on ASUS computers Greg Kroah-Hartman
2012-07-13 1:42 ` Herton Ronaldo Krzesinski
2012-07-12 23:02 ` [ 52/68] xhci: Avoid dead ports when CONFIG_USB_XHCI_HCD=n Greg Kroah-Hartman
2012-07-12 23:02 ` [ 53/68] ipheth: add support for iPad Greg Kroah-Hartman
2012-07-12 23:02 ` [ 54/68] tracing: change CPU ring buffer state from tracing_cpumask Greg Kroah-Hartman
2012-07-13 1:47 ` Herton Ronaldo Krzesinski
2012-07-12 23:02 ` [ 55/68] vhost: dont forget to schedule() Greg Kroah-Hartman
2012-07-12 23:02 ` [ 56/68] raid5: delayed stripe fix Greg Kroah-Hartman
2012-07-12 23:02 ` [ 57/68] rtl8187: ->brightness_set can not sleep Greg Kroah-Hartman
2012-07-12 23:02 ` [ 58/68] umem: fix up unplugging Greg Kroah-Hartman
2012-07-12 23:02 ` [ 59/68] x86, cpufeature: Rename X86_FEATURE_DTS to X86_FEATURE_DTHERM Greg Kroah-Hartman
2012-07-12 23:02 ` [ 60/68] md/raid5: Do not add data_offset before call to is_badblock Greg Kroah-Hartman
2012-07-12 23:02 ` [ 61/68] md/raid10: Dont try to recovery unmatched (and unused) chunks Greg Kroah-Hartman
2012-07-12 23:02 ` [ 62/68] memory hotplug: fix invalid memory access caused by stale kswapd pointer Greg Kroah-Hartman
2012-07-12 23:02 ` [ 63/68] drivers/rtc/rtc-mxc.c: fix irq enabled interrupts warning Greg Kroah-Hartman
2012-07-12 23:02 ` [ 64/68] mm, thp: abort compaction if migration page cannot be charged to memcg Greg Kroah-Hartman
2012-07-12 23:02 ` [ 65/68] fs: ramfs: file-nommu: add SetPageUptodate() Greg Kroah-Hartman
2012-07-12 23:02 ` [ 66/68] mm: Hold a file reference in madvise_remove Greg Kroah-Hartman
2012-07-13 1:49 ` Herton Ronaldo Krzesinski
2012-07-12 23:02 ` [ 67/68] ACPI: Make acpi_skip_timer_override cover all source_irq==0 cases Greg Kroah-Hartman
2012-07-12 23:02 ` [ 68/68] ACPI: Remove one board specific WARN when ignoring timer overriding Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120712175039.602715483@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=dan.carpenter@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tyhicks@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox