Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3519029pxf; Mon, 15 Mar 2021 11:20:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw1e4N6qFjGDJFkgsAi8tR/OXYJmcmWf70Id8pebHteEBJZFWeoVx5mCpbGUxLn2aQy2Aok X-Received: by 2002:a50:f311:: with SMTP id p17mr32460541edm.188.1615832450633; Mon, 15 Mar 2021 11:20:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1615832450; cv=none; d=google.com; s=arc-20160816; b=wvtWR/XhmKlPWGi+8QH7GdrC7rRwBhKIxf0tce++U8ytoGsKxdZ09y0VeHoFMW5ZRp WKQwblBCTMB65yESoWtJRVLYI4Y9yIjYEF2diSRFA9jI4K6Yewxw7NKJT/YX0+YEDo45 wIVRJtPOE/IIE7hwUq3YoiUNcXN9Zj0qCRrspwj3R6k7TFO7E28L2UJkJDoHtjuXch4N v4rTYgjnDHZuBaJuT+XanuAJo/xCDujocN/qL+4MbdhweVNOw8nYoFrCwaNCsPb7cHDq lIPBtJh9Sq+2w3jS99+2SC1xo+07do1td24QqHPG3B1ensXLEa7J95K8vEcq1ej/dC9c JjAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=SEFBcvoQgt6c+j0eyAKYUXcmAKNyvXdrhoQyvhrzjAk=; b=sVCQVjmq0FEQC1eQRwgmd6ksl0l3qUwrEzM7mMND1eUrGUQV1UzLAU39Ul5Zer0HQR g3pfDzUw/DmtbWcR3Lbw2L70iTE6UE+GtzDh/sDffbp35WXsuIlbPJIPmvuowO7kz0zu AvL9n0IL7veODxySmvfQuBg6H1y7EVUx6HNzanSrnAOjL+O6Zb5BjeAf8ssa6VvyMIBb IJoWoQctvKgH+FLOFwrX4qbX2EAyqJ4PW3CGIGE0mQeK+7KIHUy9BNMB8BtnnUSJu5ID m22zwuHzySxQPp1hAAvkw4zcgA2bU1sLj7XZa8uVWNm+WDS3YsUX4LfpNVE26hckFH3d NiaA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=mzAWz6pK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a3si11380679ejd.167.2021.03.15.11.20.28; Mon, 15 Mar 2021 11:20:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=mzAWz6pK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232731AbhCOOSg (ORCPT + 99 others); Mon, 15 Mar 2021 10:18:36 -0400 Received: from mail.kernel.org ([198.145.29.99]:36594 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232588AbhCON7k (ORCPT ); Mon, 15 Mar 2021 09:59:40 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id AB8EC64F1E; Mon, 15 Mar 2021 13:59:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1615816763; bh=pfIAXWKZmuag7c469syRF6DCSzceqdP9NHUCv7Jq1hU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mzAWz6pK4QBXnBQTAQ3H4W+CGCHdyQ6isr5vMPhKVGGrqjttsIovEUxk2ewg910kG QLZKeV22HoafjaGeWh4F5gwDGXHEwl7f0wKvDD1N6nbYZt4GNWLQOcJNrU0wjr/0Ql dMgDXJNIwETFPw8bwXg9oNYoqH35v6l+N0rvYrbU= From: gregkh@linuxfoundation.org To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Eric W. Biederman" Subject: [PATCH 4.14 45/95] Revert 95ebabde382c ("capabilities: Dont allow writing ambiguous v3 file capabilities") Date: Mon, 15 Mar 2021 14:57:15 +0100 Message-Id: <20210315135741.754216761@linuxfoundation.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210315135740.245494252@linuxfoundation.org> References: <20210315135740.245494252@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Greg Kroah-Hartman From: Eric W. Biederman commit 3b0c2d3eaa83da259d7726192cf55a137769012f upstream. It turns out that there are in fact userspace implementations that care and this recent change caused a regression. https://github.com/containers/buildah/issues/3071 As the motivation for the original change was future development, and the impact is existing real world code just revert this change and allow the ambiguity in v3 file caps. Cc: stable@vger.kernel.org Fixes: 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") Signed-off-by: Eric W. Biederman Signed-off-by: Greg Kroah-Hartman --- security/commoncap.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) --- a/security/commoncap.c +++ b/security/commoncap.c @@ -507,8 +507,7 @@ int cap_convert_nscap(struct dentry *den __u32 magic, nsmagic; struct inode *inode = d_backing_inode(dentry); struct user_namespace *task_ns = current_user_ns(), - *fs_ns = inode->i_sb->s_user_ns, - *ancestor; + *fs_ns = inode->i_sb->s_user_ns; kuid_t rootid; size_t newsize; @@ -531,15 +530,6 @@ int cap_convert_nscap(struct dentry *den if (nsrootid == -1) return -EINVAL; - /* - * Do not allow allow adding a v3 filesystem capability xattr - * if the rootid field is ambiguous. - */ - for (ancestor = task_ns->parent; ancestor; ancestor = ancestor->parent) { - if (from_kuid(ancestor, rootid) == 0) - return -EINVAL; - } - newsize = sizeof(struct vfs_ns_cap_data); nscap = kmalloc(newsize, GFP_ATOMIC); if (!nscap)