[PATCH 1/1] ovl: ensure overlayfs inodes have correct ownerships

From: Andy Whitcroft
Date: Thu May 19 2011 - 07:43:59 EST


Overlayfs builds internal inodes representing the intersection between
the upper and lower directories. However these inodes do not inherit the
ownership of the underlying inodes, this is transparent in the normal case
as most operations apply to the real backing inodes. However the LSM
hooks commonly are passed these inodes and may make erroneous decisions
based on the carried credentials.

Fix up the permissions in any new inode to either match the intended
ownership of the directory for new files, or the underlying file for
existing files.

Signed-off-by: Andy Whitcroft <apw@xxxxxxxxxxxxx>
---
fs/overlayfs/dir.c | 15 +++++++++------
fs/overlayfs/super.c | 2 ++
2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index e1c09c4..f0a672f 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -268,8 +268,8 @@ static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry,
return 0;
}

-static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
- const char *link)
+static int ovl_create_object(struct inode *dir, struct dentry *dentry, int mode,
+ dev_t rdev, const char *link)
{
int err;
struct dentry *newdentry;
@@ -284,6 +284,7 @@ static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata);
if (!inode)
goto out;
+ inode_init_owner(inode, dir, mode);

err = ovl_copy_up(dentry->d_parent);
if (err)
@@ -325,24 +326,26 @@ out:
static int ovl_create(struct inode *dir, struct dentry *dentry, int mode,
struct nameidata *nd)
{
- return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
+ return ovl_create_object(dir, dentry,
+ (mode & 07777) | S_IFREG, 0, NULL);
}

static int ovl_mkdir(struct inode *dir, struct dentry *dentry, int mode)
{
- return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
+ return ovl_create_object(dir, dentry,
+ (mode & 07777) | S_IFDIR, 0, NULL);
}

static int ovl_mknod(struct inode *dir, struct dentry *dentry, int mode,
dev_t rdev)
{
- return ovl_create_object(dentry, mode, rdev, NULL);
+ return ovl_create_object(dir, dentry, mode, rdev, NULL);
}

static int ovl_symlink(struct inode *dir, struct dentry *dentry,
const char *link)
{
- return ovl_create_object(dentry, S_IFLNK, 0, link);
+ return ovl_create_object(dir, dentry, S_IFLNK, 0, link);
}

static int ovl_do_remove(struct dentry *dentry, bool is_dir)
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index a9a09a6..e6b3af5 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -321,6 +321,8 @@ int ovl_do_lookup(struct dentry *dentry)
realdentry = upperdentry ? upperdentry : lowerdentry;
err = -ENOMEM;
inode = ovl_new_inode(dentry->d_sb, realdentry->d_inode->i_mode, oe);
+ inode->i_uid = realdentry->d_inode->i_uid;
+ inode->i_gid = realdentry->d_inode->i_gid;
if (!inode)
goto out_dput;
}
--
1.7.4.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/