| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210208175858.2092008-6-sashal@kernel.org>
Date: Mon, 8 Feb 2021 12:58:45 -0500
From: Sasha Levin <sashal@...nel.org>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc: Miklos Szeredi <mszeredi@...hat.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Sasha Levin <sashal@...nel.org>, linux-unionfs@...r.kernel.org
Subject: [PATCH AUTOSEL 5.4 06/19] ovl: perform vfs_getxattr() with mounter creds
From: Miklos Szeredi <mszeredi@...hat.com>
[ Upstream commit 554677b97257b0b69378bd74e521edb7e94769ff ]
The vfs_getxattr() in ovl_xattr_set() is used to check whether an xattr
exist on a lower layer file that is to be removed. If the xattr does not
exist, then no need to copy up the file.
This call of vfs_getxattr() wasn't wrapped in credential override, and this
is probably okay. But for consitency wrap this instance as well.
Reported-by: "Eric W. Biederman" <ebiederm@...ssion.com>
Signed-off-by: Miklos Szeredi <mszeredi@...hat.com>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
fs/overlayfs/inode.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
index bb980721502dd..56b55397a7a00 100644
--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -337,7 +337,9 @@ int ovl_xattr_set(struct dentry *dentry, struct inode *inode, const char *name,
goto out;
if (!value && !upperdentry) {
+ old_cred = ovl_override_creds(dentry->d_sb);
err = vfs_getxattr(realdentry, name, NULL, 0);
+ revert_creds(old_cred);
if (err < 0)
goto out_drop_write;
}
--
2.27.0
Powered by blists - more mailing lists