iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ovl: remove privs in ovl_copyfile()

Browse Source 
commit b306e90ffabdaa7e3b3350dbcd19b7663e71ab17 upstream.

Underlying fs doesn't remove privs because copy_range/remap_range are
called with privileged mounter credentials.

This fixes some failures in fstest generic/673.

Fixes: 8ede205541ff ("ovl: add reflink/copyfile/dedup support")
Acked-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Amir Goldstein 2022-10-17 17:06:38 +02:00 committed by Greg Kroah-Hartman
parent 645df4047b
commit f6f94837d9
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
fs/overlayfs/file.c
View File

@ -687,14 +687,23 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
const struct cred *old_cred;
loff_t ret;
inode_lock(inode_out);
if (op != OVL_DEDUPE) {
/* Update mode */
ovl_copyattr(ovl_inode_real(inode_out), inode_out);
ret = file_remove_privs(file_out);
if (ret)
goto out_unlock;
}
ret = ovl_real_fdget(file_out, &real_out);
if (ret)
return ret;
goto out_unlock;
ret = ovl_real_fdget(file_in, &real_in);
if (ret) {
fdput(real_out);
return ret;
goto out_unlock;
}
old_cred = ovl_override_creds(file_inode(file_out)->i_sb);
@ -723,6 +732,9 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
fdput(real_in);
fdput(real_out);
out_unlock:
inode_unlock(inode_out);
return ret;
}