[PATCH v3 3/3][Xenial SRU] ovl: check mounter creds on underlying lookup
Seth Forshee
seth.forshee at canonical.com
Tue Jan 31 23:00:38 UTC 2017
From: Miklos Szeredi <mszeredi at redhat.com>
BugLink: http://bugs.launchpad.net/bugs/1659417
The hash salting changes meant that we can no longer reuse the hash in the
overlay dentry to look up the underlying dentry.
Instead of lookup_hash(), use lookup_one_len_unlocked() and swith to
mounter's creds (like we do for all other operations later in the series).
Now the lookup_hash() export introduced in 4.6 by 3c9fe8cdff1b ("vfs: add
lookup_hash() helper") is unused and can possibly be removed; its
usefulness negated by the hash salting and the idea that mounter's creds
should be used on operations on underlying filesystems.
Signed-off-by: Miklos Szeredi <mszeredi at redhat.com>
Fixes: 8387ff2577eb ("vfs: make the string hashes salt the hash")
(backported from commit c1b2cc1a765aff4df7b22abe6b66014236f73eba)
Signed-off-by: Seth Forshee <seth.forshee at canonical.com>
---
fs/overlayfs/super.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 62fd3a097221..6c3077473fa8 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -456,14 +456,18 @@ static bool ovl_dentry_weird(struct dentry *dentry)
DCACHE_OP_COMPARE);
}
-static inline struct dentry *ovl_lookup_real(struct dentry *dir,
+static inline struct dentry *ovl_lookup_real(struct super_block *ovl_sb,
+ struct dentry *dir,
struct qstr *name)
{
+ const struct cred *old_cred;
struct dentry *dentry;
+ old_cred = ovl_override_creds(ovl_sb);
mutex_lock(&dir->d_inode->i_mutex);
dentry = lookup_one_len(name->name, dir, name->len);
mutex_unlock(&dir->d_inode->i_mutex);
+ revert_creds(old_cred);
if (IS_ERR(dentry)) {
if (PTR_ERR(dentry) == -ENOENT)
@@ -517,7 +521,7 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
upperdir = ovl_upperdentry_dereference(poe);
if (upperdir) {
- this = ovl_lookup_real(upperdir, &dentry->d_name);
+ this = ovl_lookup_real(dentry->d_sb, upperdir, &dentry->d_name);
err = PTR_ERR(this);
if (IS_ERR(this))
goto out;
@@ -550,7 +554,8 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
bool opaque = false;
struct path lowerpath = poe->lowerstack[i];
- this = ovl_lookup_real(lowerpath.dentry, &dentry->d_name);
+ this = ovl_lookup_real(dentry->d_sb,
+ lowerpath.dentry, &dentry->d_name);
err = PTR_ERR(this);
if (IS_ERR(this)) {
/*
--
2.7.4
More information about the kernel-team
mailing list