Assumption never checked, should fail if the mounter creds are not sufficient.
Signed-off-by: Mark Salyzyn <saly...@android.com> Cc: Miklos Szeredi <mik...@szeredi.hu> Cc: Jonathan Corbet <cor...@lwn.net> Cc: Vivek Goyal <vgo...@redhat.com> Cc: Eric W. Biederman <ebied...@xmission.com> Cc: Amir Goldstein <amir7...@gmail.com> Cc: Randy Dunlap <rdun...@infradead.org> Cc: Stephen Smalley <s...@tycho.nsa.gov> Cc: linux-unio...@vger.kernel.org Cc: linux-...@vger.kernel.org Cc: linux-ker...@vger.kernel.org Cc: kernel-t...@android.com Cc: Eric Van Hensbergen <eri...@gmail.com> Cc: Latchesar Ionkov <lu...@ionkov.net> Cc: Dominique Martinet <asmad...@codewreck.org> Cc: David Howells <dhowe...@redhat.com> Cc: Chris Mason <c...@fb.com> Cc: Josef Bacik <jo...@toxicpanda.com> Cc: David Sterba <dste...@suse.com> Cc: Jeff Layton <jlay...@kernel.org> Cc: Sage Weil <s...@redhat.com> Cc: Ilya Dryomov <idryo...@gmail.com> Cc: Steve French <sfre...@samba.org> Cc: Tyler Hicks <tyhi...@canonical.com> Cc: Jan Kara <j...@suse.com> Cc: Theodore Ts'o <ty...@mit.edu> Cc: Andreas Dilger <adilger.ker...@dilger.ca> Cc: Jaegeuk Kim <jaeg...@kernel.org> Cc: Chao Yu <yuch...@huawei.com> Cc: Bob Peterson <rpete...@redhat.com> Cc: Andreas Gruenbacher <agrue...@redhat.com> Cc: David Woodhouse <dw...@infradead.org> Cc: Richard Weinberger <rich...@nod.at> Cc: Dave Kleikamp <sha...@kernel.org> Cc: Greg Kroah-Hartman <gre...@linuxfoundation.org> Cc: Tejun Heo <t...@kernel.org> Cc: Trond Myklebust <trond.mykleb...@hammerspace.com> Cc: Anna Schumaker <anna.schuma...@netapp.com> Cc: Mark Fasheh <m...@fasheh.com> Cc: Joel Becker <jl...@evilplan.org> Cc: Joseph Qi <joseph...@linux.alibaba.com> Cc: Mike Marshall <hub...@omnibond.com> Cc: Martin Brandenburg <mar...@omnibond.com> Cc: Alexander Viro <v...@zeniv.linux.org.uk> Cc: Phillip Lougher <phil...@squashfs.org.uk> Cc: Darrick J. Wong <darrick.w...@oracle.com> Cc: linux-...@vger.kernel.org Cc: Hugh Dickins <hu...@google.com> Cc: David S. Miller <da...@davemloft.net> Cc: Andrew Morton <a...@linux-foundation.org> Cc: Mathieu Malaterre <ma...@debian.org> Cc: Ernesto A. Fernández <ernesto.mnd.fernan...@gmail.com> Cc: Vyacheslav Dubeyko <sl...@dubeyko.com> Cc: v9fs-develo...@lists.sourceforge.net Cc: linux-...@lists.infradead.org Cc: linux-bt...@vger.kernel.org Cc: ceph-de...@vger.kernel.org Cc: linux-c...@vger.kernel.org Cc: samba-techni...@lists.samba.org Cc: ecryp...@vger.kernel.org Cc: linux-e...@vger.kernel.org Cc: linux-f2fs-devel@lists.sourceforge.net Cc: linux-fsde...@vger.kernel.org Cc: cluster-de...@redhat.com Cc: linux-...@lists.infradead.org Cc: jfs-discuss...@lists.sourceforge.net Cc: linux-...@vger.kernel.org Cc: ocfs2-de...@oss.oracle.com Cc: de...@lists.orangefs.org Cc: reiserfs-de...@vger.kernel.org Cc: linux...@kvack.org Cc: net...@vger.kernel.org Cc: linux-security-mod...@vger.kernel.org Cc: sta...@vger.kernel.org # 4.4, 4.9, 4.14 & 4.19 --- v11 + v12 + v13 - rebase v10: - return NULL rather than ERR_PTR(-EPERM) - did _not_ add it ovl_can_decode_fh() because of changes since last review, suspect needs to be added to ovl_lower_uuid_ok()? v8 + v9: - rebase v7: - This time for realz v6: - rebase v5: - dependency of "overlayfs: override_creds=off option bypass creator_cred" --- fs/overlayfs/namei.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c index e9717c2f7d45..9702f0d5309d 100644 --- a/fs/overlayfs/namei.c +++ b/fs/overlayfs/namei.c @@ -161,6 +161,9 @@ struct dentry *ovl_decode_real_fh(struct ovl_fh *fh, struct vfsmount *mnt, if (!uuid_equal(&fh->uuid, &mnt->mnt_sb->s_uuid)) return NULL; + if (!capable(CAP_DAC_READ_SEARCH)) + return NULL; + bytes = (fh->len - offsetof(struct ovl_fh, fid)); real = exportfs_decode_fh(mnt, (struct fid *)fh->fid, bytes >> 2, (int)fh->type, -- 2.22.0.770.g0f2c4a37fd-goog _______________________________________________ Linux-f2fs-devel mailing list Linux-f2fs-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel