[5.10,2/2] ovl: remove privs in ovl_fallocate()

Message ID	20230212090204.339226-3-amir73il@gmail.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-fsdevel-owner@vger.kernel.org> From: Amir Goldstein <amir73il@gmail.com> To: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Sasha Levin <sashal@kernel.org>, Leah Rumancik <leah.rumancik@gmail.com>, Miklos Szeredi <miklos@szeredi.hu>, linux-fsdevel@vger.kernel.org, linux-unionfs@vger.kernel.org, stable@vger.kernel.org, Miklos Szeredi <mszeredi@redhat.com>, Christian Brauner <brauner@kernel.org> Subject: [PATCH 5.10 2/2] ovl: remove privs in ovl_fallocate() Date: Sun, 12 Feb 2023 11:02:04 +0200 Message-Id: <20230212090204.339226-3-amir73il@gmail.com> In-Reply-To: <20230212090204.339226-1-amir73il@gmail.com> References: <20230212090204.339226-1-amir73il@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Backport two overlayfs fixed to 5.10.y \| expand [5.10,0/2] Backport two overlayfs fixed to 5.10.y [5.10,1/2] ovl: remove privs in ovl_copyfile() [5.10,2/2] ovl: remove privs in ovl_fallocate()

Message ID

20230212090204.339226-3-amir73il@gmail.com (mailing list archive)

State

New, archived

Headers

From: Amir Goldstein <amir73il@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Sasha Levin <sashal@kernel.org>,
        Leah Rumancik <leah.rumancik@gmail.com>,
        Miklos Szeredi <miklos@szeredi.hu>,
        linux-fsdevel@vger.kernel.org, linux-unionfs@vger.kernel.org,
        stable@vger.kernel.org, Miklos Szeredi <mszeredi@redhat.com>,
        Christian Brauner <brauner@kernel.org>
Subject: [PATCH 5.10 2/2] ovl: remove privs in ovl_fallocate()
Date: Sun, 12 Feb 2023 11:02:04 +0200
Message-Id: <20230212090204.339226-3-amir73il@gmail.com>
In-Reply-To: <20230212090204.339226-1-amir73il@gmail.com>
References: <20230212090204.339226-1-amir73il@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Backport two overlayfs fixed to 5.10.y | expand

Commit Message

Amir Goldstein Feb. 12, 2023, 9:02 a.m. UTC

commit 23a8ce16419a3066829ad4a8b7032a75817af65b upstream.

Underlying fs doesn't remove privs because fallocate is called with
privileged mounter credentials.

This fixes some failure in fstests generic/683..687.

Fixes: aab8848cee5e ("ovl: add ovl_fallocate()")
Acked-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
---
 fs/overlayfs/file.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 259b2d41b707..0e734c8b4dfa 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -531,9 +531,16 @@  static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len
 	const struct cred *old_cred;
 	int ret;
 
+	inode_lock(inode);
+	/* Update mode */
+	ovl_copyattr(ovl_inode_real(inode), inode);
+	ret = file_remove_privs(file);
+	if (ret)
+		goto out_unlock;
+
 	ret = ovl_real_fdget(file, &real);
 	if (ret)
-		return ret;
+		goto out_unlock;
 
 	old_cred = ovl_override_creds(file_inode(file)->i_sb);
 	ret = vfs_fallocate(real.file, mode, offset, len);
@@ -544,6 +551,9 @@  static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len
 
 	fdput(real);
 
+out_unlock:
+	inode_unlock(inode);
+
 	return ret;
 }

[5.10,2/2] ovl: remove privs in ovl_fallocate()

Commit Message

Patch