ich777/linux_media
1
0
Fork 0
mirror of https://github.com/tbsdtv/linux_media.git synced 2025-07-23 12:43:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Revert "ovl: don't allow writing ioctl on lower layer"

Browse Source 
This reverts commit 7c6893e3c9.

Overlayfs no longer relies on the vfs for checking writability of files.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
This commit is contained in:
Miklos Szeredi
2018-07-18 15:44:43 +02:00
parent d561f21856
commit 6742cee043
4 changed files with 9 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
fs/internal.h
View File

@@ -80,10 +80,8 @@ extern void __init mnt_init(void);
extern int __mnt_want_write(struct vfsmount *); extern int __mnt_want_write(struct vfsmount *);
extern int __mnt_want_write_file(struct file *); extern int __mnt_want_write_file(struct file *);
extern int mnt_want_write_file_path(struct file *);
extern void __mnt_drop_write(struct vfsmount *); extern void __mnt_drop_write(struct vfsmount *);
extern void __mnt_drop_write_file(struct file *); extern void __mnt_drop_write_file(struct file *);
extern void mnt_drop_write_file_path(struct file *);
/* /*
* fs_struct.c * fs_struct.c

64
fs/namespace.c
View File

@@ -431,18 +431,13 @@ int __mnt_want_write_file(struct file *file)
} }
/** /**
* mnt_want_write_file_path - get write access to a file's mount * mnt_want_write_file - get write access to a file's mount
* @file: the file who's mount on which to take a write * @file: the file who's mount on which to take a write
* *
* This is like mnt_want_write, but it takes a file and can * This is like mnt_want_write, but it takes a file and can
* do some optimisations if the file is open for write already * do some optimisations if the file is open for write already
*
* Called by the vfs for cases when we have an open file at hand, but will do an
* inode operation on it (important distinction for files opened on overlayfs,
* since the file operations will come from the real underlying file, while
* inode operations come from the overlay).
*/ */
int mnt_want_write_file_path(struct file *file) int mnt_want_write_file(struct file *file)
{ {
int ret; int ret;
@@ -452,53 +447,6 @@ int mnt_want_write_file_path(struct file *file)
sb_end_write(file->f_path.mnt->mnt_sb); sb_end_write(file->f_path.mnt->mnt_sb);
return ret; return ret;
} }
static inline int may_write_real(struct file *file)
{
struct dentry *dentry = file->f_path.dentry;
struct dentry *upperdentry;
/* Writable file? */
if (file->f_mode & FMODE_WRITER)
return 0;
/* Not overlayfs? */
if (likely(!(dentry->d_flags & DCACHE_OP_REAL)))
return 0;
/* File refers to upper, writable layer? */
upperdentry = d_real(dentry, NULL, 0, D_REAL_UPPER);
if (upperdentry && file_inode(file) == d_inode(upperdentry))
return 0;
/* Lower layer: can't write to real file, sorry... */
return -EPERM;
}
/**
* mnt_want_write_file - get write access to a file's mount
* @file: the file who's mount on which to take a write
*
* This is like mnt_want_write, but it takes a file and can
* do some optimisations if the file is open for write already
*
* Mostly called by filesystems from their ioctl operation before performing
* modification. On overlayfs this needs to check if the file is on a read-only
* lower layer and deny access in that case.
*/
int mnt_want_write_file(struct file *file)
{
int ret;
ret = may_write_real(file);
if (!ret) {
sb_start_write(file_inode(file)->i_sb);
ret = __mnt_want_write_file(file);
if (ret)
sb_end_write(file_inode(file)->i_sb);
}
return ret;
}
EXPORT_SYMBOL_GPL(mnt_want_write_file); EXPORT_SYMBOL_GPL(mnt_want_write_file);
/** /**
@@ -536,15 +484,9 @@ void __mnt_drop_write_file(struct file *file)
__mnt_drop_write(file->f_path.mnt); __mnt_drop_write(file->f_path.mnt);
} }
void mnt_drop_write_file_path(struct file *file)
{
mnt_drop_write(file->f_path.mnt);
}
void mnt_drop_write_file(struct file *file) void mnt_drop_write_file(struct file *file)
{ {
__mnt_drop_write(file->f_path.mnt); mnt_drop_write(file->f_path.mnt);
sb_end_write(file_inode(file)->i_sb);
} }
EXPORT_SYMBOL(mnt_drop_write_file); EXPORT_SYMBOL(mnt_drop_write_file);

4
fs/open.c
View File

@@ -707,12 +707,12 @@ int ksys_fchown(unsigned int fd, uid_t user, gid_t group)
if (!f.file) if (!f.file)
goto out; goto out;
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (error) if (error)
goto out_fput; goto out_fput;
audit_file(f.file); audit_file(f.file);
error = chown_common(&f.file->f_path, user, group); error = chown_common(&f.file->f_path, user, group);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
out_fput: out_fput:
fdput(f); fdput(f);
out: out:

9
fs/xattr.c
View File

@@ -23,7 +23,6 @@
#include <linux/posix_acl_xattr.h> #include <linux/posix_acl_xattr.h>
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include "internal.h"
static const char * static const char *
strcmp_prefix(const char *a, const char *a_prefix) strcmp_prefix(const char *a, const char *a_prefix)
@@ -501,10 +500,10 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
if (!f.file) if (!f.file)
return error; return error;
audit_file(f.file); audit_file(f.file);
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (!error) { if (!error) {
error = setxattr(f.file->f_path.dentry, name, value, size, flags); error = setxattr(f.file->f_path.dentry, name, value, size, flags);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
} }
fdput(f); fdput(f);
return error; return error;
@@ -733,10 +732,10 @@ SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
if (!f.file) if (!f.file)
return error; return error;
audit_file(f.file); audit_file(f.file);
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (!error) { if (!error) {
error = removexattr(f.file->f_path.dentry, name); error = removexattr(f.file->f_path.dentry, name);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
} }
fdput(f); fdput(f);
return error; return error;