Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3521618pxf; Mon, 15 Mar 2021 11:24:44 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxEl6rl+b3MbLJ27DxTSR7vv2I58ztQU6IBlZjO8o5cDthU0LUqaWHYih3qrjjJWnDusTe0 X-Received: by 2002:a05:6402:c96:: with SMTP id cm22mr31771527edb.128.1615832684015; Mon, 15 Mar 2021 11:24:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1615832684; cv=none; d=google.com; s=arc-20160816; b=tRHfjjeHVSZWrZz3ljdyN5DW7zFc9LiS2cgIhOABvmJRqM7bhvM+uHoW+Kp42Ya14H 4Za4+HbYJTDT2E3H4vPmeEJKga8LecnbTejQSsK/NV5w3LV/1up6PM5Gv1hgrJTN4f3V woO2HSlA+0BA+UVjkxElcBWeGFk2CIOvEkksbxucMt4xLJ0wwXrMQ4XDjKWwdzQvZKAH pPBNzYj7pEebNx30YALuNajwnTs64PW0yzxXI+6O/66mJ4Vd0VJHUGCvVCciYDyfC8eK q6FyD/w0tcOpeDGQdRg+9FnWR2Oc4SCZfZ9MMq6MKz4V5+Zk+Um1Pg7zmGBN7SC2yO2L zdnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=WqKUU2DT2rUgESqaGb9zfMDIkTcJVQHr0vAjs8reP0w=; b=AQtU7epEPjorALMym0FH8AttIRzRO3532yFrgEGz6BdVxNu+MmMbkMpTJo43f+Yf/7 /OjmmgXur06FgZYC/CAEE64Zan/JSpX40bUQCkWDE4X0WQFFmr2iuNmV8PqOMkM+O+u2 dibIYST54O/cxgoiWLz3fz+/NdzCBX7HIRh4JST2mameecBawLA7ADoowQA4zsYiyd8i 04hfe+pmzlPoLoaOM26jITBMUnk4K2rHAERC43kkY2w54g0ZGReV7uiOgze+yhuCnht4 rrTeCSgmuV73hDJ+jJLYdY70WRYiOHKlPNNu++SOrKrGYiOztj9gN57im+vxFdQzm07u 8OEA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=vKcW1fgp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c17si5836889ede.535.2021.03.15.11.24.21; Mon, 15 Mar 2021 11:24:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=vKcW1fgp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232069AbhCOOYF (ORCPT + 99 others); Mon, 15 Mar 2021 10:24:05 -0400 Received: from mail.kernel.org ([198.145.29.99]:37540 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232836AbhCOOAB (ORCPT ); Mon, 15 Mar 2021 10:00:01 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id D2E3164F26; Mon, 15 Mar 2021 13:59:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1615816783; bh=vLurVrrrwyChHe5fVfuDmI4OBPbtMESKyA6XtpQN/5U=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=vKcW1fgpM6aLneQBcCN1/LTfLXIQHNmq3HGC0BwG3LeWURyjc7XN9tJzRqLJZHph4 54LI+WNyV7lYDcKY1yCEhfZKFUwJuEk6IxLI9Z4j1FRAY3e7Et0sqLUnOFD6wf2aRi cQouM1vSz9qN+BUHgIWsAetGF4j9fDPTBLikU9/w= From: gregkh@linuxfoundation.org To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Eric W. Biederman" Subject: [PATCH 4.19 065/120] Revert 95ebabde382c ("capabilities: Dont allow writing ambiguous v3 file capabilities") Date: Mon, 15 Mar 2021 14:56:56 +0100 Message-Id: <20210315135722.100875537@linuxfoundation.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210315135720.002213995@linuxfoundation.org> References: <20210315135720.002213995@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Greg Kroah-Hartman From: Eric W. Biederman commit 3b0c2d3eaa83da259d7726192cf55a137769012f upstream. It turns out that there are in fact userspace implementations that care and this recent change caused a regression. https://github.com/containers/buildah/issues/3071 As the motivation for the original change was future development, and the impact is existing real world code just revert this change and allow the ambiguity in v3 file caps. Cc: stable@vger.kernel.org Fixes: 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") Signed-off-by: Eric W. Biederman Signed-off-by: Greg Kroah-Hartman --- security/commoncap.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) --- a/security/commoncap.c +++ b/security/commoncap.c @@ -506,8 +506,7 @@ int cap_convert_nscap(struct dentry *den __u32 magic, nsmagic; struct inode *inode = d_backing_inode(dentry); struct user_namespace *task_ns = current_user_ns(), - *fs_ns = inode->i_sb->s_user_ns, - *ancestor; + *fs_ns = inode->i_sb->s_user_ns; kuid_t rootid; size_t newsize; @@ -530,15 +529,6 @@ int cap_convert_nscap(struct dentry *den if (nsrootid == -1) return -EINVAL; - /* - * Do not allow allow adding a v3 filesystem capability xattr - * if the rootid field is ambiguous. - */ - for (ancestor = task_ns->parent; ancestor; ancestor = ancestor->parent) { - if (from_kuid(ancestor, rootid) == 0) - return -EINVAL; - } - newsize = sizeof(struct vfs_ns_cap_data); nscap = kmalloc(newsize, GFP_ATOMIC); if (!nscap)