7c8c9e1e53
commit 89bdfaf93d9157499c3a0d61f489df66f2dead7f upstream.
ovl_ioctl_set_flags() does a capability check using flags, but then the
real ioctl double-fetches flags and uses potentially different value.
The "Check the capability before cred override" comment misleading: user
can skip this check by presenting benign flags first and then overwriting
them to non-benign flags.
Just remove the cred override for now, hoping this doesn't cause a
regression.
The proper solution is to create a new setxflags i_op (patches are in the
works).
Xfstests don't show a regression.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Fixes:
|
||
|---|---|---|
| .. | ||
| copy_up.c | ||
| dir.c | ||
| export.c | ||
| file.c | ||
| inode.c | ||
| Kconfig | ||
| Makefile | ||
| namei.c | ||
| overlayfs.h | ||
| ovl_entry.h | ||
| readdir.c | ||
| super.c | ||
| util.c | ||