Re: [PATCH 1/2] ecryptfs: fix uid translation for setxattr on security.capability

From: Eric W. Biederman
Date: Tue Jan 19 2021 - 16:09:21 EST

Next message: Alexandre Belloni: "Re: [PATCH v2 02/17] rtc: bd70528: Do not require parent data"
Previous message: Alexei Starovoitov: "Re: [PATCH v3 bpf-next 0/2] Allow attaching to bare tracepoints"
In reply to: Miklos Szeredi: "[PATCH 1/2] ecryptfs: fix uid translation for setxattr on security.capability"
Next in thread: Miklos Szeredi: "Re: [PATCH 1/2] ecryptfs: fix uid translation for setxattr on security.capability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Miklos Szeredi <mszeredi@xxxxxxxxxx> writes:

> Prior to commit 7c03e2cda4a5 ("vfs: move cap_convert_nscap() call into
> vfs_setxattr()") the translation of nscap->rootid did not take stacked
> filesystems (overlayfs and ecryptfs) into account.
>
> That patch fixed the overlay case, but made the ecryptfs case worse.
>
> Restore old the behavior for ecryptfs that existed before the overlayfs
> fix. This does not fix ecryptfs's handling of complex user namespace
> setups, but it does make sure existing setups don't regress.

Today vfs_setxattr handles handles a delegated_inode and breaking
leases. Code that is enabled with CONFIG_FILE_LOCKING. So unless
I am missing something this introduces a different regression into
ecryptfs.

>
> Reported-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> Cc: Tyler Hicks <code@xxxxxxxxxxx>
> Fixes: 7c03e2cda4a5 ("vfs: move cap_convert_nscap() call into vfs_setxattr()")
> Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxxxxx>
> ---
> fs/ecryptfs/inode.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
> index e23752d9a79f..58d0f7187997 100644
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -1016,15 +1016,19 @@ ecryptfs_setxattr(struct dentry *dentry, struct inode *inode,
> {
> int rc;
> struct dentry *lower_dentry;
> + struct inode *lower_inode;
>
> lower_dentry = ecryptfs_dentry_to_lower(dentry);
> - if (!(d_inode(lower_dentry)->i_opflags & IOP_XATTR)) {
> + lower_inode = d_inode(lower_dentry);
> + if (!(lower_inode->i_opflags & IOP_XATTR)) {
> rc = -EOPNOTSUPP;
> goto out;
> }
> - rc = vfs_setxattr(lower_dentry, name, value, size, flags);
> + inode_lock(lower_inode);
> + rc = __vfs_setxattr_locked(lower_dentry, name, value, size, flags, NULL);
> + inode_unlock(lower_inode);
> if (!rc && inode)
> - fsstack_copy_attr_all(inode, d_inode(lower_dentry));
> + fsstack_copy_attr_all(inode, lower_inode);
> out:
> return rc;
> }

Eric

Next message: Alexandre Belloni: "Re: [PATCH v2 02/17] rtc: bd70528: Do not require parent data"
Previous message: Alexei Starovoitov: "Re: [PATCH v3 bpf-next 0/2] Allow attaching to bare tracepoints"
In reply to: Miklos Szeredi: "[PATCH 1/2] ecryptfs: fix uid translation for setxattr on security.capability"
Next in thread: Miklos Szeredi: "Re: [PATCH 1/2] ecryptfs: fix uid translation for setxattr on security.capability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]