lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200709041437.l84EbtRZ010033@dantu.rdu.redhat.com>
Date:	Tue, 4 Sep 2007 10:37:55 -0400
From:	Jeff Layton <jlayton@...hat.com>
To:	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Cc:	linux-cifs-client@...ts.samba.org, nfs@...ts.sourceforge.net,
	ecryptfs-devel@...ts.sourceforge.net,
	reiserfs-devel@...r.kernel.org, unionfs@...esystems.org
Subject: [PATCH 7/7] unionfs: fix unionfs_create and unionfs_setattr to handle ATTR_KILL_S*ID

Don't allow either function to trip the BUG() in notify_change. For
unionfs_setattr, clear ATTR_MODE if the either ATTR_KILL_S*ID is set.

unionfs_create is setting the mode explicitly already.  Don't set
ATTR_KILL_S*ID. Just fix up the mode to have the same effect. Also, move
locking the i_mutex to lower in the function. It's not needed until it
checks the i_size.

(Jeff Sipek indicated that he was planning to change some of this code,
so this patch may need changes if it goes in after his patchset)

Signed-off-by: Jeff Layton <jlayton@...hat.com>
---
 fs/unionfs/inode.c |   10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/fs/unionfs/inode.c b/fs/unionfs/inode.c
index 59bb418..f2e7f25 100644
--- a/fs/unionfs/inode.c
+++ b/fs/unionfs/inode.c
@@ -78,15 +78,14 @@ static int unionfs_create(struct inode *parent, struct dentry *dentry,
 		struct dentry *lower_dir_dentry;
 		struct iattr newattrs;
 
-		mutex_lock(&wh_dentry->d_inode->i_mutex);
 		newattrs.ia_valid = ATTR_CTIME | ATTR_MODE | ATTR_ATIME
-			| ATTR_MTIME | ATTR_UID | ATTR_GID | ATTR_FORCE
-			| ATTR_KILL_SUID | ATTR_KILL_SGID;
+			| ATTR_MTIME | ATTR_UID | ATTR_GID | ATTR_FORCE;
 
-		newattrs.ia_mode = mode & ~current->fs->umask;
+		newattrs.ia_mode = mode & ~(current->fs->umask|S_ISUID|S_ISGID);
 		newattrs.ia_uid = current->fsuid;
 		newattrs.ia_gid = current->fsgid;
 
+		mutex_lock(&wh_dentry->d_inode->i_mutex);
 		if (wh_dentry->d_inode->i_size != 0) {
 			newattrs.ia_valid |= ATTR_SIZE;
 			newattrs.ia_size = 0;
@@ -1032,6 +1031,9 @@ static int unionfs_setattr(struct dentry *dentry, struct iattr *ia)
 	bend = dbend(dentry);
 	inode = dentry->d_inode;
 
+	if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
+		ia->ia_valid &= ~ATTR_MODE;
+
 	for (bindex = bstart; (bindex <= bend) || (bindex == bstart);
 	     bindex++) {
 		lower_dentry = unionfs_lower_dentry_idx(dentry, bindex);
-- 
1.5.2.1

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ