Message ID | 1461339521-123191-13-git-send-email-seth.forshee@canonical.com (mailing list archive) |
---|---|
State | Superseded |
From | Seth Forshee <seth.forshee@canonical.com> |
To | "Eric W. Biederman" <ebiederm@xmission.com>, Alexander Viro <viro@zeniv.linux.org.uk> |
Cc | linux-bcache@vger.kernel.org, Serge Hallyn <serge.hallyn@canonical.com>, Seth Forshee <seth.forshee@canonical.com>, dm-devel@redhat.com, Miklos Szeredi <mszeredi@redhat.com>, Richard Weinberger <richard.weinberger@gmail.com>, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org, fuse-devel@lists.sourceforge.net, Austin S Hemmelgarn <ahferroin7@gmail.com>, linux-mtd@lists.infradead.org, selinux@tycho.nsa.gov, linux-fsdevel@vger.kernel.org, cgroups@vger.kernel.org, Pavel Tikhomirov <ptikhomirov@virtuozzo.com> |
Subject | [PATCH v3 12/21] fs: Refuse uid/gid changes which don't map into s_user_ns |
Date | Fri, 22 Apr 2016 10:38:29 -0500 |
diff --git a/fs/attr.c b/fs/attr.c index 25b24d0f6c88..3cfaaac4a18e 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -42,6 +42,17 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr) return error; } + /* + * Verify that uid/gid changes are valid in the target namespace + * of the superblock. This cannot be overriden using ATTR_FORCE. + */ + if (ia_valid & ATTR_UID && + from_kuid(inode->i_sb->s_user_ns, attr->ia_uid) == (uid_t)-1) + return -EOVERFLOW; + if (ia_valid & ATTR_GID && + from_kgid(inode->i_sb->s_user_ns, attr->ia_gid) == (gid_t)-1) + return -EOVERFLOW; + /* If force is set do it anyway. */ if (ia_valid & ATTR_FORCE) return 0;
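Review bot: the two new checks in inode_change_ok() open-code the "no mapping" test by comparing from_kuid()/from_kgid() against (uid_t)-1 and (gid_t)-1; the existing helpers kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid) and kgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid) express the same condition and make the intent obvious at the call site. The guarantee stated in the comment, that ATTR_FORCE cannot bypass this, depends entirely on the block sitting above `if (ia_valid & ATTR_FORCE) return 0;`, so the comment should say that the ordering is deliberate to keep a later reshuffle from silently dropping the check. Smaller points: "overriden" in the comment should be "overridden", and `ia_valid & ATTR_UID &&` would read more safely as `(ia_valid & ATTR_UID) &&` (likewise for ATTR_GID).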