From patchwork Tue Nov 17 16:39:06 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 7639331 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 83CB6BF90C for ; Tue, 17 Nov 2015 16:42:46 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 8E1DF20416 for ; Tue, 17 Nov 2015 16:42:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id AB87B20429 for ; Tue, 17 Nov 2015 16:42:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932201AbbKQQmK (ORCPT ); Tue, 17 Nov 2015 11:42:10 -0500 Received: from mail-io0-f170.google.com ([209.85.223.170]:33294 "EHLO mail-io0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754470AbbKQQkH (ORCPT ); Tue, 17 Nov 2015 11:40:07 -0500 Received: by iouu10 with SMTP id u10so24777989iou.0 for ; Tue, 17 Nov 2015 08:40:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical_com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=++ffNWy9K/SPUwEYIi/wjELCWVoEiMnFuogd3EVCmSU=; b=Gtfn+5hEWnw23fYAuqem7Fv4T/UU7Yn56Sw84wWOEkkdTL8P/hDU6RXGWsCTRKWCPR fTqtRKoOcqr3fOjAAqJixf9YClZ508lMGNgbmqssg/sukjS60jjGR0s8fM0WzJRpNw2a DqTr+3Aj65GRjpoOir8hc3AvP9ljdfD5AC5LHRLuia+11P4eDCGrVQyHpPwff5olMWc3 fezox1KCQial7Qh/BsYzs3hrjCL+BX7VrvcAMz4+XuPe/4HD8kYq9nvEkshoguLg20uo kXmxxPyDxw1vXvtOh3UH3+ID0J54iAn65uiX/zgg8i5kz60SrLd8XT/eIgqIg35vrwy1 gqBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=++ffNWy9K/SPUwEYIi/wjELCWVoEiMnFuogd3EVCmSU=; b=iXZahRluIN/6DV6O+ys4KRfhGY5IdMWeiSc9zCSYsZbMMjywMVDa9FH0DFwYiZ5qyX t/qi7QLyAcReQnldL0Z3AwR35kDe7x0TLXG4BIpkZ04/DsoaTfM0ERRayfmyZGXL7W/T YMAO/xYF4vnER0NlcCDwbLA461rw6V8qTD2Wlk1/iNNeYDCJTb3ZatyIbaQmlO4ZNXMr ATzggoYn4xZtwCriLPQaG/3SqimMkNH5tuVQAmGjT9NOTXx3i09UDYfRGatSRonoUZ5v EmsQT8hjM4PwWKH4zG8w8oKWvRDIcttupqPPitmBNSHVC0PWr7D7aZfQKyHv/lU3+g7M rUYA== X-Gm-Message-State: ALoCoQlxoD5y94BFrvaaXnQdyNf1ejOLtKY3kir3PuHP4wfPz2s7sq+SkmhWbQTIhyF0eKZgEI/n X-Received: by 10.107.158.10 with SMTP id h10mr39968401ioe.63.1447778406495; Tue, 17 Nov 2015 08:40:06 -0800 (PST) Received: from localhost (199-87-125-144.dyn.kc.surewest.net. [199.87.125.144]) by smtp.gmail.com with ESMTPSA id rt5sm8344282igb.20.2015.11.17.08.40.05 (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Tue, 17 Nov 2015 08:40:05 -0800 (PST) From: Seth Forshee To: "Eric W. Biederman" , David Woodhouse , Brian Norris Cc: Alexander Viro , Serge Hallyn , Andy Lutomirski , linux-kernel@vger.kernel.org, linux-bcache@vger.kernel.org, dm-devel@redhat.com, linux-raid@vger.kernel.org, linux-mtd@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, Seth Forshee Subject: [PATCH v3 3/7] mtd: Check permissions towards mtd block device inode when mounting Date: Tue, 17 Nov 2015 10:39:06 -0600 Message-Id: <1447778351-118699-4-git-send-email-seth.forshee@canonical.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1447778351-118699-1-git-send-email-seth.forshee@canonical.com> References: <1447778351-118699-1-git-send-email-seth.forshee@canonical.com> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Unprivileged users should not be able to mount mtd block devices when they lack sufficient privileges towards the block device inode. Update mount_mtd() to validate that the user has the required access to the inode at the specified path. The check will be skipped for CAP_SYS_ADMIN, so privileged mounts will continue working as before. Signed-off-by: Seth Forshee --- drivers/mtd/mtdsuper.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/mtdsuper.c b/drivers/mtd/mtdsuper.c index b5b60e1af31c..5d7e7705fed8 100644 --- a/drivers/mtd/mtdsuper.c +++ b/drivers/mtd/mtdsuper.c @@ -125,6 +125,7 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags, #ifdef CONFIG_BLOCK struct block_device *bdev; int ret, major; + int perm; #endif int mtdnr; @@ -176,7 +177,10 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags, /* try the old way - the hack where we allowed users to mount * /dev/mtdblock$(n) but didn't actually _use_ the blockdev */ - bdev = lookup_bdev(dev_name, 0); + perm = MAY_READ; + if (!(flags & MS_RDONLY)) + perm |= MAY_WRITE; + bdev = lookup_bdev(dev_name, perm); if (IS_ERR(bdev)) { ret = PTR_ERR(bdev); pr_debug("MTDSB: lookup_bdev() returned %d\n", ret);