lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Feb 2017 22:41:34 +0000 From: Ben Hutchings <ben@...adent.org.uk> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org CC: akpm@...ux-foundation.org, "Jean-Pierre André" <jean-pierre.andre@...adoo.fr>, "Miklos Szeredi" <mszeredi@...hat.com> Subject: [PATCH 3.2 036/126] fuse: invalidate dir dentry after chmod 3.2.85-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Miklos Szeredi <mszeredi@...hat.com> commit 5e2b8828ff3d79aca8c3a1730652758753205b61 upstream. Without "default_permissions" the userspace filesystem's lookup operation needs to perform the check for search permission on the directory. If directory does not allow search for everyone (this is quite rare) then userspace filesystem has to set entry timeout to zero to make sure permissions are always performed. Changing the mode bits of the directory should also invalidate the (previously cached) dentry to make sure the next lookup will have a chance of updating the timeout, if needed. Reported-by: Jean-Pierre André <jean-pierre.andre@...adoo.fr> Signed-off-by: Miklos Szeredi <mszeredi@...hat.com> [bwh: Backported to 3.2: - Adjust context - Open-code d_is_dir()] Signed-off-by: Ben Hutchings <ben@...adent.org.uk> --- fs/fuse/dir.c | 14 +++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1393,10 +1393,20 @@ error: static int fuse_setattr(struct dentry *entry, struct iattr *attr) { + int ret; + if (attr->ia_valid & ATTR_FILE) - return fuse_do_setattr(entry, attr, attr->ia_file); + ret = fuse_do_setattr(entry, attr, attr->ia_file); else - return fuse_do_setattr(entry, attr, NULL); + ret = fuse_do_setattr(entry, attr, NULL); + + if (!ret) { + /* Directory mode changed, may need to revalidate access */ + if (S_ISDIR(entry->d_inode->i_mode) && + (attr->ia_valid & ATTR_MODE)) + fuse_invalidate_entry_cache(entry); + } + return ret; } static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
Powered by blists - more mailing lists