Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3526108pxf; Mon, 15 Mar 2021 11:30:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyDgdCTG8Pld4Ac4qHMz9iWLctoE42eXHAuftZ30OMOHfpqiM1nOy5e2pkDBN1Kk7txD5vw X-Received: by 2002:a17:906:4747:: with SMTP id j7mr24822612ejs.221.1615833054428; Mon, 15 Mar 2021 11:30:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1615833054; cv=none; d=google.com; s=arc-20160816; b=FVFRc+hnjVvhSoMwXMqBmzQw/L8p2c3cSMiK5vmy3LPrvE7F+ZLoCrxcQXIKtnVSX0 Eph3T828ufmfeKME8DkOCEMljhbPMmJGC6VvdU8mmbVjUYzguA/QVRlqgArgGWWAOHFq 4k6MY5bpDJgalddFbs831lpRkEZnQnNqQQzwFM3rI66LvC56xQsusq5LeH56pFsUjmLj BpPEqhYCU1Ax+EIowg/va+N5Of+HoJF1TedXV3bbDgJuuRTrbti9GDph/ClQd8uDADxL VsQ22CMDDSHzkVRltuzrrjeJDTixrGqLpZRH472jw/XAgfjBICSaywGc2pe/CQjQ5S60 IUTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=88DkqqAYX1zCdYhMyBm6M192H6Dic+xyGqh9eXNewzA=; b=ctB1N7QbV8uRe+LpEqHCb0LJOs9OeUKCJyFJM9mx5sNjnFxJnDIRxrL/WRHCpehLDA 0+EESwRMTzs88ZmtDUXUYOXwWJmYpUIoweTJ/ElGgMCSv1qlO32CXpThSH+tlZhBCtht nC2v/17Vy3w1Ns05CzSsp0u9pEhpREqro8f8Q7ZK0xf4jtpbS2EQljSn4Zry71XqZD1c peEDMqHoD6gis40fyuDMTd7M1xBTagsu6Quly2SFzPyx3NJhigLk2ORDCLNvh2d5rbN1 WIcdyaPJiRAR8ctBYgdBAd9CyQXlWiQ+AjQ5X+rjMquBhYR4rbhyq4HMe/865Wnx2C7E fAgQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=hkn6CVYF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id do3si11484873ejc.486.2021.03.15.11.30.31; Mon, 15 Mar 2021 11:30:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=hkn6CVYF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240375AbhCOOhr (ORCPT + 99 others); Mon, 15 Mar 2021 10:37:47 -0400 Received: from mail.kernel.org ([198.145.29.99]:47972 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233225AbhCOOBu (ORCPT ); Mon, 15 Mar 2021 10:01:50 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 96E5364EF0; Mon, 15 Mar 2021 14:01:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1615816909; bh=/Ddd2zPl42t0KPISs+Dxeg/qgBi4KA8gGxKbfY4SnUE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hkn6CVYFE1m+sbAn7KwUzEBttVjxq9t0ShoC9fQgOu6Xcepovm24u5kTnY70tw8hn gKxyCG9byMrXv6G1wzN3uleSqknPGdrJrctmKeOzWXfNgJajGgzU2d4YhGHjH9pDJg 3F07PYwi1n71e8VFQQTzNbZj/ZkAhZgI1daLrm0w= From: gregkh@linuxfoundation.org To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Eric W. Biederman" Subject: [PATCH 5.10 183/290] Revert 95ebabde382c ("capabilities: Dont allow writing ambiguous v3 file capabilities") Date: Mon, 15 Mar 2021 14:54:36 +0100 Message-Id: <20210315135548.097352490@linuxfoundation.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210315135541.921894249@linuxfoundation.org> References: <20210315135541.921894249@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Greg Kroah-Hartman From: Eric W. Biederman commit 3b0c2d3eaa83da259d7726192cf55a137769012f upstream. It turns out that there are in fact userspace implementations that care and this recent change caused a regression. https://github.com/containers/buildah/issues/3071 As the motivation for the original change was future development, and the impact is existing real world code just revert this change and allow the ambiguity in v3 file caps. Cc: stable@vger.kernel.org Fixes: 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities") Signed-off-by: Eric W. Biederman Signed-off-by: Greg Kroah-Hartman --- security/commoncap.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) --- a/security/commoncap.c +++ b/security/commoncap.c @@ -500,8 +500,7 @@ int cap_convert_nscap(struct dentry *den __u32 magic, nsmagic; struct inode *inode = d_backing_inode(dentry); struct user_namespace *task_ns = current_user_ns(), - *fs_ns = inode->i_sb->s_user_ns, - *ancestor; + *fs_ns = inode->i_sb->s_user_ns; kuid_t rootid; size_t newsize; @@ -524,15 +523,6 @@ int cap_convert_nscap(struct dentry *den if (nsrootid == -1) return -EINVAL; - /* - * Do not allow allow adding a v3 filesystem capability xattr - * if the rootid field is ambiguous. - */ - for (ancestor = task_ns->parent; ancestor; ancestor = ancestor->parent) { - if (from_kuid(ancestor, rootid) == 0) - return -EINVAL; - } - newsize = sizeof(struct vfs_ns_cap_data); nscap = kmalloc(newsize, GFP_ATOMIC); if (!nscap)