Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2060408ybv;
        Fri, 14 Feb 2020 10:40:27 -0800 (PST)
X-Google-Smtp-Source: APXvYqyLYlRg+N4hqREWgWmYeqxglY2CUZdfmci7mfPXgwNbrrQyUUhsTseRWu3z3J5dg558peDq
X-Received: by 2002:a05:6830:1042:: with SMTP id b2mr3369827otp.306.1581705627782;
        Fri, 14 Feb 2020 10:40:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1581705627; cv=none;
        d=google.com; s=arc-20160816;
        b=IiDVBh9X2MN6yhnnLU/Tjpsl0NgrmauKwW9HrfThudBHiXihafgFeh6Ygvs1BoX/gM
         EEAnavPXIvcOVynOE9MW1ae20S2Lyo65CHdMypi9frihZUTaHeADitz2moKZhSYHRQ9S
         tVRIssT8rCyW/TC+Zw4csoZI19LxhVyeuDtkfL08FubmPNLLclzTDYUCouXVRQXhPfb9
         hg0PyUzHAvLokmYyuPDA/09mOppxz77/JWY5o4Yioy9W9cBnVDeoLXP6P5WtQ9jXnryF
         6PpxJ8qVY8/NxI1+ckbCAOoGfehaA0EeQZ/76gR/1wiR1VIX+30gDawu+9IBhiJhAFuh
         s7MA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=SSR9u+LniqSOwhJA5rG85GOQGPAErtLE0lQMQL45WAI=;
        b=fGEVR46GTZl1dNhc7QbWrA1DKh3dmnR1euCfmkp+CexhUO/cCJvxbsOPLX9SqJ3g5W
         kMm32MbbR90mt1DmXiC5z7s/5G9Ho/1m6/BzQBlBt2yMnET+qUQ4e9thVdN9aOVBakd7
         ekPZx3ebgLrJmaOD09jIKhZnOj4dPgICbEfNXlZfiPthc7XhAapHTZx4Zjbfq4lqw10O
         eKJL6hsXbaD0tdS8jawpyeOcVoUr/cMcyVSfqf/t7QzvFvlyVpH5XYgGyvBM6EwNUmfe
         40XyloXTW2trZw/NE5Fz9gQJT7rYXm5qSfdk7EyNm5cx0ry4wJFyxJ+2eMODo0vjzCJq
         NGyQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o13si3280750otp.27.2020.02.14.10.40.15;
        Fri, 14 Feb 2020 10:40:27 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2390528AbgBNSiq (ORCPT <rfc822;ahaning.tech@gmail.com>
        + 99 others); Fri, 14 Feb 2020 13:38:46 -0500
Received: from youngberry.canonical.com ([91.189.89.112]:33676 "EHLO
        youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730585AbgBNSiC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 14 Feb 2020 13:38:02 -0500
Received: from ip5f5bf7ec.dynamic.kabel-deutschland.de ([95.91.247.236] helo=wittgenstein.fritz.box)
        by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
        (Exim 4.86_2)
        (envelope-from <christian.brauner@ubuntu.com>)
        id 1j2fqU-0000uO-Ht; Fri, 14 Feb 2020 18:37:46 +0000
From:   Christian Brauner <christian.brauner@ubuntu.com>
To:     =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@ubuntu.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Aleksa Sarai <cyphar@cyphar.com>, Jann Horn <jannh@google.com>
Cc:     smbarber@chromium.org, Seth Forshee <seth.forshee@canonical.com>,
        Alexander Viro <viro@zeniv.linux.org.uk>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        Serge Hallyn <serge@hallyn.com>,
        James Morris <jmorris@namei.org>,
        Kees Cook <keescook@chromium.org>,
        Jonathan Corbet <corbet@lwn.net>,
        Phil Estes <estesp@gmail.com>, linux-kernel@vger.kernel.org,
        linux-fsdevel@vger.kernel.org,
        containers@lists.linux-foundation.org,
        linux-security-module@vger.kernel.org, linux-api@vger.kernel.org,
        Christian Brauner <christian.brauner@ubuntu.com>
Subject: [PATCH v2 12/28] sys:__sys_setregid(): handle fsid mappings
Date:   Fri, 14 Feb 2020 19:35:38 +0100
Message-Id: <20200214183554.1133805-13-christian.brauner@ubuntu.com>
X-Mailer: git-send-email 2.25.0
In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com>
References: <20200214183554.1133805-1-christian.brauner@ubuntu.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Switch setregid() to lookup fsids in the fsid mappings. If no fsid mappings are
setup the behavior is unchanged, i.e. fsids are looked up in the id mappings.

During setregid() the kfsgid is set to the kegid corresponding the egid that is
requested by userspace. If the requested egid is -1 the kfsgid is reset to the
current kegid. For the latter case this means we need to lookup the
corresponding userspace egid corresponding to the current kegid in the id
mappings and translate this egid into the corresponding kfsgid in the fsid
mappings.

The kfsid to cleanly handle userns visible filesystem is set as before.

We require that a user must have a valid fsid mapping for the target id. This
is consistent with how the setid calls work today without fsid mappings.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
- Christian Brauner <christian.brauner@ubuntu.com>:
  - set kfsid which is used when dealing with proc permission checking
---
 kernel/sys.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/kernel/sys.c b/kernel/sys.c
index 4697e010bbd7..22eea030d9e7 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -354,7 +354,7 @@ long __sys_setregid(gid_t rgid, gid_t egid)
 	const struct cred *old;
 	struct cred *new;
 	int retval;
-	kgid_t krgid, kegid;
+	kgid_t krgid, kegid, kfsgid;
 
 	krgid = make_kgid(ns, rgid);
 	kegid = make_kgid(ns, egid);
@@ -386,12 +386,20 @@ long __sys_setregid(gid_t rgid, gid_t egid)
 			new->egid = kegid;
 		else
 			goto error;
+		kfsgid = make_kfsgid(ns, egid);
+	} else {
+		kfsgid = kgid_to_kfsgid(new->user_ns, new->egid);
+	}
+	if (!gid_valid(kfsgid)) {
+		retval = -EINVAL;
+		goto error;
 	}
 
 	if (rgid != (gid_t) -1 ||
 	    (egid != (gid_t) -1 && !gid_eq(kegid, old->gid)))
 		new->sgid = new->egid;
-	new->fsgid = new->egid;
+	new->kfsgid = new->egid;
+	new->fsgid = kfsgid;
 
 	return commit_creds(new);
 
-- 
2.25.0