--- /dev/null
+From 90515e7f5d7d24cbb2a4038a3f1b5cfa2921aa17 Mon Sep 17 00:00:00 2001
+From: Wang Shilong <wangsl.fnst@cn.fujitsu.com>
+Date: Tue, 7 Jan 2014 17:26:58 +0800
+Subject: Btrfs: handle EAGAIN case properly in btrfs_drop_snapshot()
+
+From: Wang Shilong <wangsl.fnst@cn.fujitsu.com>
+
+commit 90515e7f5d7d24cbb2a4038a3f1b5cfa2921aa17 upstream.
+
+We may return early in btrfs_drop_snapshot(), we shouldn't
+call btrfs_std_err() for this case, fix it.
+
+Signed-off-by: Wang Shilong <wangsl.fnst@cn.fujitsu.com>
+Signed-off-by: Josef Bacik <jbacik@fb.com>
+Signed-off-by: Chris Mason <clm@fb.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/btrfs/extent-tree.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/btrfs/extent-tree.c
++++ b/fs/btrfs/extent-tree.c
+@@ -7718,7 +7718,7 @@ out:
+ */
+ if (!for_reloc && root_dropped == false)
+ btrfs_add_dead_root(root);
+- if (err)
++ if (err && err != -EAGAIN)
+ btrfs_std_error(root->fs_info, err);
+ return err;
+ }
--- /dev/null
+From d024206133ce21936b3d5780359afc00247655b7 Mon Sep 17 00:00:00 2001
+From: David Sterba <dsterba@suse.cz>
+Date: Wed, 15 Jan 2014 18:15:52 +0100
+Subject: btrfs: restrict snapshotting to own subvolumes
+
+From: David Sterba <dsterba@suse.cz>
+
+commit d024206133ce21936b3d5780359afc00247655b7 upstream.
+
+Currently, any user can snapshot any subvolume if the path is accessible and
+thus indirectly create and keep files he does not own under his direcotries.
+This is not possible with traditional directories.
+
+In security context, a user can snapshot root filesystem and pin any
+potentially buggy binaries, even if the updates are applied.
+
+All the snapshots are visible to the administrator, so it's possible to
+verify if there are suspicious snapshots.
+
+Another more practical problem is that any user can pin the space used
+by eg. root and cause ENOSPC.
+
+Original report:
+https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/484786
+
+Signed-off-by: David Sterba <dsterba@suse.cz>
+Signed-off-by: Josef Bacik <jbacik@fb.com>
+Signed-off-by: Chris Mason <clm@fb.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/btrfs/ioctl.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/fs/btrfs/ioctl.c
++++ b/fs/btrfs/ioctl.c
+@@ -1548,6 +1548,12 @@ static noinline int btrfs_ioctl_snap_cre
+ printk(KERN_INFO "btrfs: Snapshot src from "
+ "another FS\n");
+ ret = -EINVAL;
++ } else if (!inode_owner_or_capable(src_inode)) {
++ /*
++ * Subvolume creation is not restricted, but snapshots
++ * are limited to own subvolumes only
++ */
++ ret = -EPERM;
+ } else {
+ ret = btrfs_mksubvol(&file->f_path, name, namelen,
+ BTRFS_I(src_inode)->root,
projects / thirdparty / kernel / stable-queue.git / commitdiff
