diff options
| author | Vivek Goyal <vgoyal@redhat.com> | 2016-07-13 11:00:14 -0400 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@redhat.com> | 2016-07-29 06:05:24 -0400 |
| commit | e29841a0ab3d03e77313abd8fb4c16e80fb26e29 (patch) | |
| tree | 2fa92fa454d171915a7cfa2ee2800703567cffd4 | |
| parent | d837a49bd57f1ec2f6411efa829fecc34002b110 (diff) | |
ovl: dilute permission checks on lower only if not special file
Right now if file is on lower/, we remove MAY_WRITE/MAY_APPEND bits from
mask as lower/ will never be written and file will be copied up. But this
is not true for special files. These files are not copied up and are opened
in place. So don't dilute the checks for these types of files.
Reported-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
| -rw-r--r-- | fs/overlayfs/inode.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index f7caf16f9bec..76cfe9d04e64 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c | |||
| @@ -137,7 +137,7 @@ int ovl_permission(struct inode *inode, int mask) | |||
| 137 | return err; | 137 | return err; |
| 138 | 138 | ||
| 139 | old_cred = ovl_override_creds(inode->i_sb); | 139 | old_cred = ovl_override_creds(inode->i_sb); |
| 140 | if (!is_upper) | 140 | if (!is_upper && !special_file(realinode->i_mode)) |
| 141 | mask &= ~(MAY_WRITE | MAY_APPEND); | 141 | mask &= ~(MAY_WRITE | MAY_APPEND); |
| 142 | err = inode_permission(realinode, mask); | 142 | err = inode_permission(realinode, mask); |
| 143 | revert_creds(old_cred); | 143 | revert_creds(old_cred); |