Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3519843pxf; Mon, 15 Mar 2021 11:22:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxhq7IsGi0398eAKmVdXgrx1wTTBmXkcGt8HLi5k82Lm2X2fiKqyfq7vMypbac/rMSq6YZc X-Received: by 2002:a17:906:c007:: with SMTP id e7mr25712747ejz.518.1615832524521; Mon, 15 Mar 2021 11:22:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1615832524; cv=none; d=google.com; s=arc-20160816; b=JIbFodXx69XJrOds6aQD98ukUC1fNny/FWwhDUPxqMvgufB9E0YQklX+dXUOJTjY3i uz2MmwfASawS/8qjK1JF3sZFOHXYrDvB9si6aq/h6t9vYbwWdSYL1xNUXFWrPI8olU0m gZ2lA3XhWwhDkBCc5gTPifoQtbeqZCO/jCpu1RE5MOy4oC4wS9qGqXvscZRp2lq4lYQW RnT7vGRuISb2SSI9n79RBMKQuayadYWcmQUkB07W90YE2qNmOVxnay+Ck0buQOhqxKH+ t5wQhu1JTvgdF/K6oy5b4vPDvVsmeomr8tSt5tXHfQDYN4wkACeVa/iv/6bSFOHXyKtg Esdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=88DkqqAYX1zCdYhMyBm6M192H6Dic+xyGqh9eXNewzA=; b=L2rcDKvNz3WK3nJy2SsdqYi5TXDNH1VnnVIxJtl6lMDdwyVFnhKXc8dZBbRkprR7fg Ukgikl2E8mYYW2ud0OWYPCzGLqd5uyDIbGeLIoPKNlIIM7ZVK5oXomMO1OFAtP7SArhz +CV6rCRh4OEFUwPDESL9dlchIbt+fF+FBRCBn0z/4LFKOYqKRyO/o4xO4Sl/vpem9Lvh lUyqX0rJOFjZ9klg29nW3G1c1h2ohCmA+zICRR+PDZei8Y1jkMWC2A/ftL54VLA7+o7B Wuv9GTUjwVGJ+SBlilmVTE//usrUUliWdj8ghDslQmRb2pwMSGZEEfvC/+HHCMTobj+Y Jy2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U7vyhzPX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a12si12190619ejy.363.2021.03.15.11.21.40; Mon, 15 Mar 2021 11:22:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=U7vyhzPX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230202AbhCOOUy (ORCPT + 99 others); Mon, 15 Mar 2021 10:20:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:35904 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232814AbhCON75 (ORCPT ); Mon, 15 Mar 2021 09:59:57 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id CCE8064F18; Mon, 15 Mar 2021 13:59:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1615816767; bh=/Ddd2zPl42t0KPISs+Dxeg/qgBi4KA8gGxKbfY4SnUE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=U7vyhzPXR1hXVWbOjatxr+DMmeLXQoxDH8GtB8xmIsVvdbxp7i0xhpesD0/SWc0tO CYd3Ut5fRIREZ/Mtx0on9OmieBEJf7D4rsfW9SsldTDlV0o+PWVIhqQC7H1vCkD7sM JTLTF+zng2i7DhnCQsUMFX3MKB23Nc7BiHNlA1UU= From: gregkh@linuxfoundation.org To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Eric W. Biederman" Subject: [PATCH 5.4 096/168] Revert 95ebabde382c ("capabilities: Dont allow writing ambiguous v3 file capabilities") Date: Mon, 15 Mar 2021 14:55:28 +0100 Message-Id: <20210315135553.525307621@linuxfoundation.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210315135550.333963635@linuxfoundation.org> References: <20210315135550.333963635@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Greg Kroah-Hartman From: Eric W. Biederman commit 3b0c2d3eaa83da259d7726192cf55a137769012f upstream. It turns out that there are in fact userspace implementations that care and this recent change caused a regression. https://github.com/containers/buildah/issues/3071 As the motivation for the original change was future development, and the impact is existing real world code just revert this change and allow the ambiguity in v3 file caps. Cc: stable@vger.kernel.org Fixes: 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") Signed-off-by: Eric W. Biederman Signed-off-by: Greg Kroah-Hartman --- security/commoncap.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) --- a/security/commoncap.c +++ b/security/commoncap.c @@ -500,8 +500,7 @@ int cap_convert_nscap(struct dentry *den __u32 magic, nsmagic; struct inode *inode = d_backing_inode(dentry); struct user_namespace *task_ns = current_user_ns(), - *fs_ns = inode->i_sb->s_user_ns, - *ancestor; + *fs_ns = inode->i_sb->s_user_ns; kuid_t rootid; size_t newsize; @@ -524,15 +523,6 @@ int cap_convert_nscap(struct dentry *den if (nsrootid == -1) return -EINVAL; - /* - * Do not allow allow adding a v3 filesystem capability xattr - * if the rootid field is ambiguous. - */ - for (ancestor = task_ns->parent; ancestor; ancestor = ancestor->parent) { - if (from_kuid(ancestor, rootid) == 0) - return -EINVAL; - } - newsize = sizeof(struct vfs_ns_cap_data); nscap = kmalloc(newsize, GFP_ATOMIC); if (!nscap)