diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-11-04 23:03:14 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-11-04 23:03:14 -0400 |
| commit | bd30fac18f9ec12b0c2590ebdb8e18ddb104c065 (patch) | |
| tree | f8d651a93a65ad1ac7efcf5386f3f4cc25940ee5 | |
| parent | d4c5f43dcd05529236a0f957b27d2597c24e5f69 (diff) | |
| parent | 641089c1549d8d3df0b047b5de7e9a111362cdce (diff) | |
Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
Pull overlayfs fixes from Miklos Szeredi:
"Fix two more POSIX ACL bugs introduced in 4.8 and add a missing fsync
during copy up to prevent possible data loss"
* 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: fsync after copy-up
ovl: fix get_acl() on tmpfs
ovl: update S_ISGID when setting posix ACLs
| -rw-r--r-- | fs/overlayfs/copy_up.c | 2 | ||||
| -rw-r--r-- | fs/overlayfs/inode.c | 3 | ||||
| -rw-r--r-- | fs/overlayfs/super.c | 15 |
3 files changed, 17 insertions, 3 deletions
diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c index aeb60f791418..36795eed40b0 100644 --- a/fs/overlayfs/copy_up.c +++ b/fs/overlayfs/copy_up.c | |||
| @@ -178,6 +178,8 @@ static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len) | |||
| 178 | len -= bytes; | 178 | len -= bytes; |
| 179 | } | 179 | } |
| 180 | 180 | ||
| 181 | if (!error) | ||
| 182 | error = vfs_fsync(new_file, 0); | ||
| 181 | fput(new_file); | 183 | fput(new_file); |
| 182 | out_fput: | 184 | out_fput: |
| 183 | fput(old_file); | 185 | fput(old_file); |
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index c58f01babf30..7fb53d055537 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c | |||
| @@ -270,9 +270,6 @@ struct posix_acl *ovl_get_acl(struct inode *inode, int type) | |||
| 270 | if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !IS_POSIXACL(realinode)) | 270 | if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !IS_POSIXACL(realinode)) |
| 271 | return NULL; | 271 | return NULL; |
| 272 | 272 | ||
| 273 | if (!realinode->i_op->get_acl) | ||
| 274 | return NULL; | ||
| 275 | |||
| 276 | old_cred = ovl_override_creds(inode->i_sb); | 273 | old_cred = ovl_override_creds(inode->i_sb); |
| 277 | acl = get_acl(realinode, type); | 274 | acl = get_acl(realinode, type); |
| 278 | revert_creds(old_cred); | 275 | revert_creds(old_cred); |
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index bcf3965be819..edd46a0e951d 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c | |||
| @@ -1037,6 +1037,21 @@ ovl_posix_acl_xattr_set(const struct xattr_handler *handler, | |||
| 1037 | 1037 | ||
| 1038 | posix_acl_release(acl); | 1038 | posix_acl_release(acl); |
| 1039 | 1039 | ||
| 1040 | /* | ||
| 1041 | * Check if sgid bit needs to be cleared (actual setacl operation will | ||
| 1042 | * be done with mounter's capabilities and so that won't do it for us). | ||
| 1043 | */ | ||
| 1044 | if (unlikely(inode->i_mode & S_ISGID) && | ||
| 1045 | handler->flags == ACL_TYPE_ACCESS && | ||
| 1046 | !in_group_p(inode->i_gid) && | ||
| 1047 | !capable_wrt_inode_uidgid(inode, CAP_FSETID)) { | ||
| 1048 | struct iattr iattr = { .ia_valid = ATTR_KILL_SGID }; | ||
| 1049 | |||
| 1050 | err = ovl_setattr(dentry, &iattr); | ||
| 1051 | if (err) | ||
| 1052 | return err; | ||
| 1053 | } | ||
| 1054 | |||
| 1040 | err = ovl_xattr_set(dentry, handler->name, value, size, flags); | 1055 | err = ovl_xattr_set(dentry, handler->name, value, size, flags); |
| 1041 | if (!err) | 1056 | if (!err) |
| 1042 | ovl_copyattr(ovl_inode_real(inode, NULL), inode); | 1057 | ovl_copyattr(ovl_inode_real(inode, NULL), inode); |