From patchwork Wed Jul 13 14:44:54 2016
X-Patchwork-Submitter: Vivek Goyal
X-Patchwork-Id: 9227741
From: Vivek Goyal
To: miklos@szeredi.hu, sds@tycho.nsa.gov, pmoore@redhat.com, casey@schaufler-ca.com, linux-kernel@vger.kernel.org, linux-unionfs@vger.kernel.org, linux-security-module@vger.kernel.org
Cc: dwalsh@redhat.com, dhowells@redhat.com, viro@ZenIV.linux.org.uk, vgoyal@redhat.com, linux-fsdevel@vger.kernel.org
Subject: [PATCH 8/9] overlayfs: Dilute permission checks on lower only if not special file
Date: Wed, 13 Jul 2016 10:44:54 -0400
Message-Id: <1468421095-22322-9-git-send-email-vgoyal@redhat.com>
In-Reply-To: <1468421095-22322-1-git-send-email-vgoyal@redhat.com>
References: <1468421095-22322-1-git-send-email-vgoyal@redhat.com>

Right now if file is on lower/, we remove MAY_WRITE/MAY_APPEND bits from mask as lower/ will never be written and file will be copied up. But this is not true for special files. These files are not copied up and are opened in place. So don't dilute the checks for these types of files.

Reported-by: Dan Walsh
Signed-off-by: Vivek Goyal
--- fs/overlayfs/inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index 66f42f5..6d9d86e 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -140,7 +140,7 @@ int ovl_permission(struct inode *inode, int mask) return err; old_cred = ovl_override_creds(inode->i_sb); - if (!is_upper) + if (!is_upper && !special_file(realinode->i_mode)) mask &= ~(MAY_WRITE | MAY_APPEND); err = inode_permission(realinode, mask); revert_creds(old_cred);
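
Review bot: the new `!special_file(realinode->i_mode)` condition in ovl_permission() carries no code comment, so the reason lower special files keep MAY_WRITE/MAY_APPEND (they are opened in place rather than copied up) exists only in the commit message. A short comment above the `if` would keep that invariant visible to the next reader, for example `/* Special files are not copied up; keep write checks on lower */`. Separately, the test sits between `ovl_override_creds(inode->i_sb)` and `revert_creds(old_cred)`, so the write bits that are now retained get evaluated by `inode_permission(realinode, mask)` under the overridden credentials; the changelog should state whether that is the intended subject for the write check on a lower special file.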