From patchwork Tue Aug  8 04:27:05 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ian Kent <raven@themaw.net>
X-Patchwork-Id: 9886515
Return-Path: <linux-fsdevel-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	9315160352 for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  8 Aug 2017 04:36:36 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 84E0E2846D
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  8 Aug 2017 04:36:36 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 7911A286FF; Tue,  8 Aug 2017 04:36:36 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=unavailable version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 275252846D
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  8 Aug 2017 04:36:36 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752075AbdHHEg0 (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Tue, 8 Aug 2017 00:36:26 -0400
Received: from icp-osb-irony-out3.external.iinet.net.au ([203.59.1.153]:63927
	"EHLO icp-osb-irony-out3.external.iinet.net.au"
	rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1751950AbdHHEgZ (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 8 Aug 2017 00:36:25 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A2AWAgD0PIlZ/3GhBzpcHAEBBAEBCgEBg1qBeI4PkAc5AQEBAQEGgQgzlgSCEhyFKwKEXD8YAQIBAQEBAQEBayiFGQYjVhAYAQwCGA4CAkcQBhOKIgysEYImIgKLPQEBAQcogQuCHYICgQWCKjaKd4JhBZIBjg2UNYtXhnaWCR84gQpTLwqHcDM2iWQBAQE
X-IPAS-Result: 
 A2AWAgD0PIlZ/3GhBzpcHAEBBAEBCgEBg1qBeI4PkAc5AQEBAQEGgQgzlgSCEhyFKwKEXD8YAQIBAQEBAQEBayiFGQYjVhAYAQwCGA4CAkcQBhOKIgysEYImIgKLPQEBAQcogQuCHYICgQWCKjaKd4JhBZIBjg2UNYtXhnaWCR84gQpTLwqHcDM2iWQBAQE
X-IronPort-AV: E=Sophos;i="5.41,341,1498492800"; d="scan'208";a="411532792"
Received: from unknown (HELO pluto.themaw.net) ([58.7.161.113])
	by icp-osb-irony-out3.iinet.net.au with ESMTP;
	08 Aug 2017 12:27:06 +0800
Subject: [PATCH 3/3] autofs - make dev ioctl version and ismountpoint user
	accessible
From: Ian Kent <raven@themaw.net>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: autofs mailing list <autofs@vger.kernel.org>,
	Ondrej Holy <oholy@redhat.com>, Colin Walters <walters@redhat.com>,
	Kernel Mailing List <linux-kernel@vger.kernel.org>,
	David Howells <dhowells@redhat.com>,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>
Date: Tue, 08 Aug 2017 12:27:05 +0800
Message-ID: <150216642517.11652.2338933266137331637.stgit@pluto.themaw.net>
In-Reply-To: <150216641255.11652.4204561328197919771.stgit@pluto.themaw.net>
References: <150216641255.11652.4204561328197919771.stgit@pluto.themaw.net>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Some of the autofs miscellaneous device ioctls need to be accessable to
user space applications without CAP_SYS_ADMIN to get information about
autofs mounts.

Signed-off-by: Ian Kent <raven@themaw.net>
Cc: Colin Walters <walters@redhat.com>
Cc: Ondrej Holy <oholy@redhat.com>
---
 fs/autofs4/dev-ioctl.c              |   12 ++++++++----
 include/uapi/linux/auto_dev-ioctl.h |    2 +-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
index 218a4ecc75cc..ea8b3a1cddd2 100644
--- a/fs/autofs4/dev-ioctl.c
+++ b/fs/autofs4/dev-ioctl.c
@@ -628,10 +628,6 @@ static int _autofs_dev_ioctl(unsigned int command,
 	ioctl_fn fn = NULL;
 	int err = 0;
 
-	/* only root can play with this */
-	if (!capable(CAP_SYS_ADMIN))
-		return -EPERM;
-
 	cmd_first = _IOC_NR(AUTOFS_DEV_IOCTL_IOC_FIRST);
 	cmd = _IOC_NR(command);
 
@@ -640,6 +636,14 @@ static int _autofs_dev_ioctl(unsigned int command,
 		return -ENOTTY;
 	}
 
+	/* Only root can use ioctls other than AUTOFS_DEV_IOCTL_VERSION_CMD
+	 * and AUTOFS_DEV_IOCTL_ISMOUNTPOINT_CMD
+	 */
+	if (cmd != AUTOFS_DEV_IOCTL_VERSION_CMD &&
+	    cmd != AUTOFS_DEV_IOCTL_ISMOUNTPOINT_CMD &&
+	    !capable(CAP_SYS_ADMIN))
+		return -EPERM;
+
 	/* Copy the parameters into kernel space. */
 	param = copy_dev_ioctl(user);
 	if (IS_ERR(param))
diff --git a/include/uapi/linux/auto_dev-ioctl.h b/include/uapi/linux/auto_dev-ioctl.h
index 744b3d060968..5558db8e6646 100644
--- a/include/uapi/linux/auto_dev-ioctl.h
+++ b/include/uapi/linux/auto_dev-ioctl.h
@@ -16,7 +16,7 @@
 #define AUTOFS_DEVICE_NAME		"autofs"
 
 #define AUTOFS_DEV_IOCTL_VERSION_MAJOR	1
-#define AUTOFS_DEV_IOCTL_VERSION_MINOR	0
+#define AUTOFS_DEV_IOCTL_VERSION_MINOR	1
 
 #define AUTOFS_DEV_IOCTL_SIZE		sizeof(struct autofs_dev_ioctl)