Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp7367212imm; Tue, 28 Aug 2018 10:44:07 -0700 (PDT) X-Google-Smtp-Source: ANB0VdY5unJduSB3oM3ULA8HkpDNzTUzWQDF8DlFpaZOW0kasG8O6HFuEHgKwC+UjGhTQEDxSw2z X-Received: by 2002:a62:5f82:: with SMTP id t124-v6mr2533877pfb.223.1535478247326; Tue, 28 Aug 2018 10:44:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1535478247; cv=none; d=google.com; s=arc-20160816; b=VSNqZFeBL+9bfoHs5P61zrK+3O0/Z6N6PK9wjTU390IPQW7tDd+0C1qmcLC9/vDZf5 QFtTgwcJBh8VvTvBmwvONkqk7Jj0POTGyDTt3aRtzII4N0Dz8BPzQxqKc3F8oOrNn9O0 NAjBrmcep/VvCYZXIx19FqgulKYtqrUKF/AY1Eqay4PXmWs2OWGEKpX2GtDy+6A0LCTO Prq7JK0jyj8WktDLQmFsY0hNzXoNCPTkceiKTnqAmeSYONFPO81AtPicIVexinbswCvX RzciBPu6FTFKsmD8sdpoVmx3M6b668lgToD+oHij24lSbD7aXANvUKR7/0bnSrf6M09B Ermg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=GogHkebH8SfHDxdMiBVjtef2fAiB9yRDSAW8eCFewQ8=; b=JHo7UEPrFu9isMZVwRMO9tvNz/yta+C4KGsvPWXyua4FYy7gGKAF/4PnxjnzILVWU4 /SR+xY09j61xRB2zIowad8WqUw/gDJEBnLuQkbJ8NVntZqf4vuvI7VMLBL+ZxLMaQaNM 0D0xX0JJaRpCv68j61quByUy0c0y+YvHQFjQjZ7J+95LOoRoAS/FdTYMwTUH3zXiQkOq VFcdkZ9bxB/lonOTU2/eL1i7IMjvn/NOT1qsaXOrzgpDAM3D/pfuw/iCilyxQrMnU5iY YjqgHT1fwmZcAjbckS8GHs5Ynl9gd4rKoj3l/4nTbWX62tSi33Do5bGY0ZBMfEJ8hoWy 9ubA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=VjjSOOBP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h89-v6si1411425pld.517.2018.08.28.10.43.51; Tue, 28 Aug 2018 10:44:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=VjjSOOBP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727464AbeH1VeS (ORCPT + 99 others); Tue, 28 Aug 2018 17:34:18 -0400 Received: from mail-yw1-f66.google.com ([209.85.161.66]:45559 "EHLO mail-yw1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726383AbeH1VeS (ORCPT ); Tue, 28 Aug 2018 17:34:18 -0400 Received: by mail-yw1-f66.google.com with SMTP id p206-v6so899807ywg.12; Tue, 28 Aug 2018 10:41:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GogHkebH8SfHDxdMiBVjtef2fAiB9yRDSAW8eCFewQ8=; b=VjjSOOBPjzbU3yMD0azkhYiq3m3dbUoeLiAzmcV/StQxpKFkm+Z/iBZHZ531QUCo3L jbtBFLEjCU8GvRCBNdxjTIRNfkdKDZQECFLfDhhEtGQxeS7nXBrtkDX+Y8qTTyOLCZFl CNX2pvIAoUMZ5ji7LLfrMRRtgz9T3f80x0hciRk6Lc1S54RsfdnRD2JsWCW3H8botcxN orsREPOO0yTLRgtFs6SqDznUJ0HYG+gcAMf1KcP9cUpylyxBeNvMa0Tq8LLtJX8DOIcQ wfaTgMfh/7NCS9cIj87HZznysuDdaLzXPFen8SsI6F8cOVt6ZCn4YF2jTSS/t3gNOPqh zE8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GogHkebH8SfHDxdMiBVjtef2fAiB9yRDSAW8eCFewQ8=; b=twNWoW/vt5og/0I3QzZCTmEo+aMI25wio3nSl23ewgqIlk6bxWC3x53RsRQGE72+qi y9XcMIC1dS2BB/r8aXjUp7B+XhpGgBL2LBibIQXNJesUkeRInxPwLl9HN9eJR7a9avTY qNTrWWzf16etOoqSiqw4oNtKQ9FMPO6wwnXKKFTAfo6sK1p6tpLRpllug5hWm6huSLaa 12GXJj+QqwNkwshLJ422W5E2eZehUlx8QzZX+dHcHHFwACQ5GhIBmXIl8VQHMiU/N1vi JVMKX9bexAtnkzIlhoE9JvzIvqv7tYo2ZMS1AT2lKySc0lu5Plagdxh+r6J0GEGScs9Z rmuQ== X-Gm-Message-State: APzg51AoB1hen71KHq/H+aTrepA+W3Pnfp5qcSdgzBryts/gdINPBiYA OodRe9dVOB4DTVedWwBjZYHSgw4d2lVYhlMpLWg= X-Received: by 2002:a0d:c903:: with SMTP id l3-v6mr1420735ywd.404.1535478094653; Tue, 28 Aug 2018 10:41:34 -0700 (PDT) MIME-Version: 1.0 References: <20180828165319.211563-1-salyzyn@android.com> In-Reply-To: <20180828165319.211563-1-salyzyn@android.com> From: Amir Goldstein Date: Tue, 28 Aug 2018 20:43:21 +0300 Message-ID: Subject: Re: [PATCH v5 2/3] overlayfs: check CAP_MKNOD before issuing vfs_whiteout To: Mark Salyzyn Cc: linux-kernel , Miklos Szeredi , Jonathan Corbet , Vivek Goyal , "Eric W. Biederman" , Randy Dunlap , Stephen Smalley , overlayfs , linux-doc@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 28, 2018 at 7:53 PM Mark Salyzyn wrote: > > Assumption never checked, should fail if the mounter creds are not > sufficient. > > Signed-off-by: Mark Salyzyn > Cc: Miklos Szeredi > Cc: Jonathan Corbet > Cc: Vivek Goyal > Cc: Eric W. Biederman > Cc: Amir Goldstein > Cc: Randy Dunlap > Cc: Stephen Smalley > Cc: linux-unionfs@vger.kernel.org > Cc: linux-doc@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > > v5 > - dependency of "overlayfs: override_creds=off option bypass creator_cred" > --- > fs/overlayfs/overlayfs.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h > index 7538b9b56237..bf3a80157d42 100644 > --- a/fs/overlayfs/overlayfs.h > +++ b/fs/overlayfs/overlayfs.h > @@ -176,7 +176,7 @@ static inline int ovl_do_rename(struct inode *olddir, struct dentry *olddentry, > > static inline int ovl_do_whiteout(struct inode *dir, struct dentry *dentry) > { > - int err = vfs_whiteout(dir, dentry); > + int err = capable(CAP_MKNOD) ? vfs_whiteout(dir, dentry) : -EPERM; Should that be ns_capable()? Should the test go into vfs_whiteout()? I feel there is no convention at all. Thanks, Amir.