]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/blob - queue-4.19/ovl-do-not-lose-security.capability-xattr-over-metadata-file-copy-up.patch
projects / thirdparty / kernel / stable-queue.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Linux 4.14.108
[thirdparty/kernel/stable-queue.git] / queue-4.19 / ovl-do-not-lose-security.capability-xattr-over-metadata-file-copy-up.patch
1 From 993a0b2aec52754f0897b1dab4c453be8217cae5 Mon Sep 17 00:00:00 2001
2 From: Vivek Goyal <vgoyal@redhat.com>
3 Date: Wed, 30 Jan 2019 14:01:57 -0500
4 Subject: ovl: Do not lose security.capability xattr over metadata file copy-up
5
6 From: Vivek Goyal <vgoyal@redhat.com>
7
8 commit 993a0b2aec52754f0897b1dab4c453be8217cae5 upstream.
9
10 If a file has been copied up metadata only, and later data is copied up,
11 upper loses any security.capability xattr it has (underlying filesystem
12 clears it as upon file write).
13
14 From a user's point of view, this is just a file copy-up and that should
15 not result in losing security.capability xattr. Hence, before data copy
16 up, save security.capability xattr (if any) and restore it on upper after
17 data copy up is complete.
18
19 Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
20 Reviewed-by: Amir Goldstein <amir73il@gmail.com>
21 Fixes: 0c2888749363 ("ovl: A new xattr OVL_XATTR_METACOPY for file on upper")
22 Cc: <stable@vger.kernel.org> # v4.19+
23 Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
24 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
25
26 ---
27 fs/overlayfs/copy_up.c | 28 ++++++++++++++++++++++-
28 fs/overlayfs/overlayfs.h | 2 +
29 fs/overlayfs/util.c | 55 +++++++++++++++++++++++++++++------------------
30 3 files changed, 63 insertions(+), 22 deletions(-)
31
32 --- a/fs/overlayfs/copy_up.c
33 +++ b/fs/overlayfs/copy_up.c
34 @@ -711,6 +711,8 @@ static int ovl_copy_up_meta_inode_data(s
35 {
36 struct path upperpath, datapath;
37 int err;
38 + char *capability = NULL;
39 + ssize_t uninitialized_var(cap_size);
40
41 ovl_path_upper(c->dentry, &upperpath);
42 if (WARN_ON(upperpath.dentry == NULL))
43 @@ -720,15 +722,37 @@ static int ovl_copy_up_meta_inode_data(s
44 if (WARN_ON(datapath.dentry == NULL))
45 return -EIO;
46
47 + if (c->stat.size) {
48 + err = cap_size = ovl_getxattr(upperpath.dentry, XATTR_NAME_CAPS,
49 + &capability, 0);
50 + if (err < 0 && err != -ENODATA)
51 + goto out;
52 + }
53 +
54 err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
55 if (err)
56 - return err;
57 + goto out_free;
58 +
59 + /*
60 + * Writing to upper file will clear security.capability xattr. We
61 + * don't want that to happen for normal copy-up operation.
62 + */
63 + if (capability) {
64 + err = ovl_do_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
65 + capability, cap_size, 0);
66 + if (err)
67 + goto out_free;
68 + }
69 +
70
71 err = vfs_removexattr(upperpath.dentry, OVL_XATTR_METACOPY);
72 if (err)
73 - return err;
74 + goto out_free;
75
76 ovl_set_upperdata(d_inode(c->dentry));
77 +out_free:
78 + kfree(capability);
79 +out:
80 return err;
81 }
82
83 --- a/fs/overlayfs/overlayfs.h
84 +++ b/fs/overlayfs/overlayfs.h
85 @@ -277,6 +277,8 @@ int ovl_lock_rename_workdir(struct dentr
86 int ovl_check_metacopy_xattr(struct dentry *dentry);
87 bool ovl_is_metacopy_dentry(struct dentry *dentry);
88 char *ovl_get_redirect_xattr(struct dentry *dentry, int padding);
89 +ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value,
90 + size_t padding);
91
92 static inline bool ovl_is_impuredir(struct dentry *dentry)
93 {
94 --- a/fs/overlayfs/util.c
95 +++ b/fs/overlayfs/util.c
96 @@ -867,28 +867,49 @@ bool ovl_is_metacopy_dentry(struct dentr
97 return (oe->numlower > 1);
98 }
99
100 -char *ovl_get_redirect_xattr(struct dentry *dentry, int padding)
101 +ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value,
102 + size_t padding)
103 {
104 - int res;
105 - char *s, *next, *buf = NULL;
106 + ssize_t res;
107 + char *buf = NULL;
108
109 - res = vfs_getxattr(dentry, OVL_XATTR_REDIRECT, NULL, 0);
110 + res = vfs_getxattr(dentry, name, NULL, 0);
111 if (res < 0) {
112 if (res == -ENODATA || res == -EOPNOTSUPP)
113 - return NULL;
114 + return -ENODATA;
115 goto fail;
116 }
117
118 - buf = kzalloc(res + padding + 1, GFP_KERNEL);
119 - if (!buf)
120 - return ERR_PTR(-ENOMEM);
121 + if (res != 0) {
122 + buf = kzalloc(res + padding, GFP_KERNEL);
123 + if (!buf)
124 + return -ENOMEM;
125 +
126 + res = vfs_getxattr(dentry, name, buf, res);
127 + if (res < 0)
128 + goto fail;
129 + }
130 + *value = buf;
131
132 - if (res == 0)
133 - goto invalid;
134 + return res;
135 +
136 +fail:
137 + pr_warn_ratelimited("overlayfs: failed to get xattr %s: err=%zi)\n",
138 + name, res);
139 + kfree(buf);
140 + return res;
141 +}
142 +
143 +char *ovl_get_redirect_xattr(struct dentry *dentry, int padding)
144 +{
145 + int res;
146 + char *s, *next, *buf = NULL;
147
148 - res = vfs_getxattr(dentry, OVL_XATTR_REDIRECT, buf, res);
149 + res = ovl_getxattr(dentry, OVL_XATTR_REDIRECT, &buf, padding + 1);
150 + if (res == -ENODATA)
151 + return NULL;
152 if (res < 0)
153 - goto fail;
154 + return ERR_PTR(res);
155 if (res == 0)
156 goto invalid;
157
158 @@ -904,15 +925,9 @@ char *ovl_get_redirect_xattr(struct dent
159 }
160
161 return buf;
162 -
163 -err_free:
164 - kfree(buf);
165 - return ERR_PTR(res);
166 -fail:
167 - pr_warn_ratelimited("overlayfs: failed to get redirect (%i)\n", res);
168 - goto err_free;
169 invalid:
170 pr_warn_ratelimited("overlayfs: invalid redirect (%s)\n", buf);
171 res = -EINVAL;
172 - goto err_free;
173 + kfree(buf);
174 + return ERR_PTR(res);
175 }
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git