shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-08 03:40:35 +09:00
Code Issues Packages Projects Releases Wiki Activity

ovl: remove privs in ovl_copyfile()

Browse Source 
Underlying fs doesn't remove privs because copy_range/remap_range are
called with privileged mounter credentials.

This fixes some failures in fstest generic/673.

Fixes: 8ede205541 ("ovl: add reflink/copyfile/dedup support")
Acked-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
This commit is contained in:
Amir Goldstein
2022-10-17 17:06:38 +02:00
committed by Christian Brauner (Microsoft)
parent ed5a7047d2
commit b306e90ffa
1 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
fs/overlayfs/file.c
View File

@@ -567,14 +567,23 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
const struct cred *old_cred; const struct cred *old_cred;
loff_t ret; loff_t ret;
inode_lock(inode_out);
if (op != OVL_DEDUPE) {
/* Update mode */
ovl_copyattr(inode_out);
ret = file_remove_privs(file_out);
if (ret)
goto out_unlock;
}
ret = ovl_real_fdget(file_out, &real_out); ret = ovl_real_fdget(file_out, &real_out);
if (ret) if (ret)
return ret; goto out_unlock;
ret = ovl_real_fdget(file_in, &real_in); ret = ovl_real_fdget(file_in, &real_in);
if (ret) { if (ret) {
fdput(real_out); fdput(real_out);
return ret; goto out_unlock;
} }
old_cred = ovl_override_creds(file_inode(file_out)->i_sb); old_cred = ovl_override_creds(file_inode(file_out)->i_sb);
@@ -603,6 +612,9 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
fdput(real_in); fdput(real_in);
fdput(real_out); fdput(real_out);
out_unlock:
inode_unlock(inode_out);
return ret; return ret;
} }