From df44b9b02391ac505a68d666271756d283a56bb5 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Wed, 15 Mar 2023 08:46:48 +0100
Subject: [PATCH] 5.15-stable patches

added patches:
	filelocks-use-mount-idmapping-for-setlease-permission-check.patch
---
 ...apping-for-setlease-permission-check.patch | 39 +++++++++++++++++++
 queue-5.15/series | 1 +
 2 files changed, 40 insertions(+)
 create mode 100644 queue-5.15/filelocks-use-mount-idmapping-for-setlease-permission-check.patch

diff --git a/queue-5.15/filelocks-use-mount-idmapping-for-setlease-permission-check.patch b/queue-5.15/filelocks-use-mount-idmapping-for-setlease-permission-check.patch
new file mode 100644
index 00000000000..92ccb195432
--- /dev/null
+++ b/queue-5.15/filelocks-use-mount-idmapping-for-setlease-permission-check.patch
@@ -0,0 +1,39 @@
+From 42d0c4bdf753063b6eec55415003184d3ca24f6e Mon Sep 17 00:00:00 2001
+From: Seth Forshee
+Date: Thu, 9 Mar 2023 14:39:09 -0600
+Subject: filelocks: use mount idmapping for setlease permission check
+
+From: Seth Forshee
+
+commit 42d0c4bdf753063b6eec55415003184d3ca24f6e upstream.
+
+A user should be allowed to take out a lease via an idmapped mount if
+the fsuid matches the mapped uid of the inode. generic_setlease() is
+checking the unmapped inode uid, causing these operations to be denied.
+
+Fix this by comparing against the mapped inode uid instead of the
+unmapped uid.
+
+Fixes: 9caccd41541a ("fs: introduce MOUNT_ATTR_IDMAP")
+Cc: stable@vger.kernel.org
+Signed-off-by: Seth Forshee (DigitalOcean)
+Signed-off-by: Christian Brauner (Microsoft)
+Signed-off-by: Greg Kroah-Hartman
+---
+ fs/locks.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/locks.c
++++ b/fs/locks.c
+@@ -1901,9 +1901,10 @@ int generic_setlease(struct file *filp,
+ void **priv)
+ {
+ struct inode *inode = locks_inode(filp);
++ vfsuid_t vfsuid = i_uid_into_vfsuid(file_mnt_user_ns(filp), inode);
+ int error;
+
+- if ((!uid_eq(current_fsuid(), inode->i_uid)) && !capable(CAP_LEASE))
++ if ((!vfsuid_eq_kuid(vfsuid, current_fsuid())) && !capable(CAP_LEASE))
+ return -EACCES;
+ if (!S_ISREG(inode->i_mode))
+ return -EINVAL;
diff --git a/queue-5.15/series b/queue-5.15/series
index e325be13a1c..baadd6c6a4f 100644
--- a/queue-5.15/series
+++ b/queue-5.15/series
@@ -114,3 +114,4 @@ pci-avoid-flr-for-solidrun-snet-dpu-rev-1.patch
 scripts-handle-brokenpipeerror-for-python-scripts.patch
 media-ov5640-fix-analogue-gain-control.patch
 media-rc-gpio-ir-recv-add-remove-function.patch
+filelocks-use-mount-idmapping-for-setlease-permission-check.patch
-- 
2.47.3
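Review bot: The queued patch's fs/locks.c hunk declares `vfsuid_t vfsuid = i_uid_into_vfsuid(...)` and compares with `vfsuid_eq_kuid()`, and as far as I know the vfsuid_t helpers were introduced upstream after 5.15, so this entry should be build-tested against the 5.15 tree before it stays in the queue. If the helpers are indeed absent on this branch, the equivalent check would use the kuid_t helper instead, `if (!uid_eq(current_fsuid(), i_uid_into_mnt(file_mnt_user_ns(filp), inode)) && !capable(CAP_LEASE))`, with the `vfsuid` local dropped. This condition decides who may take a lease without CAP_LEASE, so any deviation from the upstream commit should be stated in the patch header for later auditors. generic_setlease's body continues outside the hunk.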