patches for 4.4

Signed-off-by: Sasha Levin (Microsoft) <sashal@kernel.org>

diff --git a/queue-4.4/ovl-fix-uid-gid-when-creating-over-whiteout.patch b/queue-4.4/ovl-fix-uid-gid-when-creating-over-whiteout.patch
new file mode 100644 (file)
index 0000000..1fd14f8
--- /dev/null
+++ b/queue-4.4/ovl-fix-uid-gid-when-creating-over-whiteout.patch
@@ -0,0 +1,60 @@
+From 16c06d419ec62adc29be4a053c6a62eeeb4f6ca7 Mon Sep 17 00:00:00 2001
+From: Miklos Szeredi <mszeredi@redhat.com>
+Date: Wed, 15 Jun 2016 14:18:59 +0200
+Subject: ovl: fix uid/gid when creating over whiteout
+
+[ Upstream commit d0e13f5bbe4be7c8f27736fc40503dcec04b7de0 ]
+
+Fix a regression when creating a file over a whiteout.  The new
+file/directory needs to use the current fsuid/fsgid, not the ones from the
+mounter's credentials.
+
+The refcounting is a bit tricky: prepare_creds() sets an original refcount,
+override_creds() gets one more, which revert_cred() drops.  So
+
+  1) we need to expicitly put the mounter's credentials when overriding
+     with the updated one
+
+  2) we need to put the original ref to the updated creds (and this can
+     safely be done before revert_creds(), since we'll still have the ref
+     from override_creds()).
+
+Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
+Fixes: 3fe6e52f0626 ("ovl: override creds with the ones from the superblock mounter")
+Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
+Signed-off-by: Sasha Levin (Microsoft) <sashal@kernel.org>
+---
+ fs/overlayfs/dir.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
+index f8aa54272121..eedacae889b9 100644
+--- a/fs/overlayfs/dir.c
++++ b/fs/overlayfs/dir.c
+@@ -408,12 +408,21 @@ static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev,
+               err = ovl_create_upper(dentry, inode, &stat, link, hardlink);
+       } else {
+               const struct cred *old_cred;
++              struct cred *override_cred;
+ 
+               old_cred = ovl_override_creds(dentry->d_sb);
+ 
+-              err = ovl_create_over_whiteout(dentry, inode, &stat, link,
+-                                             hardlink);
++              err = -ENOMEM;
++              override_cred = prepare_creds();
++              if (override_cred) {
++                      override_cred->fsuid = old_cred->fsuid;
++                      override_cred->fsgid = old_cred->fsgid;
++                      put_cred(override_creds(override_cred));
++                      put_cred(override_cred);
+ 
++                      err = ovl_create_over_whiteout(dentry, inode, &stat,
++                                                     link, hardlink);
++              }
+               revert_creds(old_cred);
+       }
+ 
+-- 
+2.19.1
+

diff --git a/queue-4.4/series b/queue-4.4/series
index c6ad6e8c9d945dc9be523bafd86f9ab67faec111..05902693ef897a4f713b5ccabe447f790453dae1 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -132,3 +132,4 @@ appletalk-fix-use-after-free-in-atalk_proc_exit.patch
 lib-div64.c-off-by-one-in-shift.patch
 include-linux-swap.h-use-offsetof-instead-of-custom-.patch
 tpm-tpm_crb-avoid-unaligned-reads-in-crb_recv.patch
+ovl-fix-uid-gid-when-creating-over-whiteout.patch