Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1045222rwd; Wed, 31 May 2023 08:46:04 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5wHMTzzYjUgc6WU4Fbl0O9G4BhineM2lJToobSfNNoOvOXHDlkqpwi0wUmSzpXOaBTuB+E X-Received: by 2002:a17:902:8218:b0:1a9:bc13:7e20 with SMTP id x24-20020a170902821800b001a9bc137e20mr4084837pln.44.1685547964395; Wed, 31 May 2023 08:46:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685547964; cv=none; d=google.com; s=arc-20160816; b=UKCFJU1m63d5v/NY6n+tkpB1uJfw8xYskfC7BbPc9qWm51eC3ttVUqvx2AXHb7wnMz fw8q+MXYie2ScmxIY2gMUV77yo+cRBi+DK/xstZHVS1ZkzDkr2mDgDtDVhYVbunn/OGr /SSO2qMbJ+zm9xjvRqoPi959r79A+4ddanZDCP3AVRFzVOKX9YhSUukkswGW36H0Ke3C tf0FE0+iBt6BzTrxxbaLCIR3qlV6sgyhe0LYSzDaPZNLm6sWKmjhHrpWBzFo3PNag7Oh peLiWHwiItBSX8I3dvQ9p3BaBVYBHyJ9w4ehmBSiREP41s0hCarLGwpzopyIg4VyK8IS Qsow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=B0l+XTA5FGlPVTPUKIvg8UhwhNLqm34Y1pLjTr83bQM=; b=d56cQCfx5qVOFAHFAviVe0flJjqUyvxxTWf6bFAtrKQpAUk8BVor0jQUaofPXOsYec Spi2KkRlDDBDjCeeguLZWQSZMwIW+OWNXIADWpDQd3MPGST2hcQ55JFNZQKHzZwkq8pm vT7pf3Pl8M/qF8T3UZ1v10M9Ts3KF35IkN1ef2jNKCGNGBIHXbCXWO+hmhFmGgpBdpI3 HN4n8kzErjcogFbGML2XCWtlh3gg63zp+v9J6PStkzotHR6yuOursJOvrjCBY4STyrRy qkt2S6KSNMJkNYwIPR9fg//FaIBHgXqRb9HlMeHzoXfVD5tG+/V+FsM1195XnA5l+ioj EX5w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@mail.ru header.s=mail4 header.b=Y3lLT2cO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=mail.ru Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k8-20020a170902760800b001a1a9a1d336si1027971pll.206.2023.05.31.08.45.50; Wed, 31 May 2023 08:46:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@mail.ru header.s=mail4 header.b=Y3lLT2cO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=mail.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234179AbjEaPMq (ORCPT + 99 others); Wed, 31 May 2023 11:12:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42242 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234184AbjEaPMp (ORCPT ); Wed, 31 May 2023 11:12:45 -0400 X-Greylist: delayed 131973 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Wed, 31 May 2023 08:12:37 PDT Received: from smtp45.i.mail.ru (smtp45.i.mail.ru [95.163.41.83]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9BAF98; Wed, 31 May 2023 08:12:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru; s=mail4; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From:References:Cc:To:Subject:MIME-Version:Date:Message-ID:From:Subject:Content-Type:Content-Transfer-Encoding:To:Cc; bh=B0l+XTA5FGlPVTPUKIvg8UhwhNLqm34Y1pLjTr83bQM=; t=1685545958;x=1685635958; b=Y3lLT2cO/HAhkKPnVmkRwiobUl/82Guj6g1oDUVLvnSmBe5kT8vfYZO8ZMk+HFq7bG2w1+9U4XZywJT6Ai41Au96JAhz8yKRogz1K3uWwEwRKcRelKK/P7eVFZipXRBahUP753dispGSRurywpqhCv5Liw2O5ovLB7xzgk1tFhk26N0yMvUHhqSSUKr7eCZGub1i0DqSBST7ML2yzq/1nD+tbkZGaY7Mq22qFtIdcfq5MtXmXow+1EYBwDwmQn1dGEQCB9UvVUE/GRVLdP1ycYVivaFo9z6inFtMu11S3ZlnVH+mXTZYpCeWfVPloSmgo2+kiyDYzz1BTbJ7ggv+og==; Received: by smtp45.i.mail.ru with esmtpa (envelope-from ) id 1q4NV3-00DwZL-VZ; Wed, 31 May 2023 18:12:34 +0300 Message-ID: <35224f5b-cc66-ec27-7477-e9f98e7a5279@mail.ru> Date: Wed, 31 May 2023 18:12:32 +0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1 Subject: Re: [PATCH 5.10 1/1] ovl: fail on invalid uid/gid mapping at copy up Content-Language: ru To: Amir Goldstein Cc: stable@vger.kernel.org, Greg Kroah-Hartman , Miklos Szeredi , linux-unionfs@vger.kernel.org, linux-kernel@vger.kernel.org, Miklos Szeredi , Seth Forshee , Christian Brauner References: <20230530022917.18574-1-listdansp@mail.ru> <20230530022917.18574-2-listdansp@mail.ru> From: listdansp In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: smtp45.i.mail.ru; auth=pass smtp.auth=listdansp@mail.ru smtp.mailfrom=listdansp@mail.ru X-Mailru-Src: smtp X-7564579A: B8F34718100C35BD X-77F55803: 4F1203BC0FB41BD9FA9FE7958A526B7749C3D014EB2503E6839C1F944BEC2EA800894C459B0CD1B98F06A9CF50DFA013A8FB064D0C686CF76B0A0FE30BB0F3737B820C60925959D8 X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE743A67C3F703598BFEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F7900637AC83A81C8FD4AD23D82A6BABE6F325AC2E85FA5F3EDFCBAA7353EFBB55337566E73BB9F70E9C8FAC9D0E474CA61CF5D6DB63F1BD2D50B66BA471835C12D1D977725E5C173C3A84C31E02C13459908652117882F4460429728AD0CFFFB425014E868A13BD56FB6657D81D268191BDAD3DC09775C1D3CA48CF15B380B5B570BCA9BA3038C0950A5D36C8A9BA7A39EFB766EC990983EF5C0329BA3038C0950A5D36D5E8D9A59859A8B6F4CAD2F895B8664376E601842F6C81A1F004C906525384303E02D724532EE2C3F43C7A68FF6260569E8FC8737B5C2249EC8D19AE6D49635B68655334FD4449CB9ECD01F8117BC8BEAAAE862A0553A39223F8577A6DFFEA7CE1AEB6AF2DA18B6243847C11F186F3C59DAA53EE0834AAEE X-C8649E89: 1C3962B70DF3F0ADBF74143AD284FC7177DD89D51EBB7742DC8270968E61249B1004E42C50DC4CA955A7F0CF078B5EC49A30900B95165D346B1FF97F6D0959A27DD7739A9D673168A929A171D74DE76F24C0DC8BA2554B2712BB58559AB791D01D7E09C32AA3244CA20D0A9534768D155C79BAEE451C3FE163871F383B54D9B37F5F07B4909EF5025DA084F8E80FEBD3D42CA810AD4FA7D0A8069D772E6E5B8583DB18EBE73F7D69 X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojiEKym4lkdssspREoQkZFiQ== X-Mailru-Sender: 4CE1109FD677D2770147F6A9E21DCA7B45B19515236DF9B1A073B805C7F8A3FF97F17C85D3F6D89F7E3C9C7AF06D9E7B78274A4A9E9E44FD3C3897ABF9FF211DE8284E426C7B2D9A5FEEDEB644C299C0ED14614B50AE0675 X-Mras: Ok X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, GB_FREEMAIL_DISPTO,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org >> From: Miklos Szeredi >> >> commit 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3 upstream. >> >> If st_uid/st_gid doesn't have a mapping in the mounter's user_ns, then >> copy-up should fail, just like it would fail if the mounter task was doing >> the copy using "cp -a". >> >> There's a corner case where the "cp -a" would succeed but copy up fail: if >> there's a mapping of the invalid uid/gid (65534 by default) in the user >> namespace. This is because stat(2) will return this value if the mapping >> doesn't exist in the current user_ns and "cp -a" will in turn be able to >> create a file with this uid/gid. >> >> This behavior would be inconsistent with POSIX ACL's, which return -1 for >> invalid uid/gid which result in a failed copy. >> >> For consistency and simplicity fail the copy of the st_uid/st_gid are >> invalid. >> >> Fixes: 459c7c565ac3 ("ovl: unprivieged mounts") >> Cc: # v5.11 >> Signed-off-by: Miklos Szeredi >> Reviewed-by: Christian Brauner >> Reviewed-by: Seth Forshee >> Signed-off-by: Danila Chernetsov >> --- >> fs/overlayfs/copy_up.c | 4 ++++ >> 1 file changed, 4 insertions(+) >> >> diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c >> index e466c58f9ec4..fd33abc0edc0 100644 >> --- a/fs/overlayfs/copy_up.c >> +++ b/fs/overlayfs/copy_up.c >> @@ -882,6 +882,10 @@ static int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, >> if (err) >> return err; >> >> + if (!kuid_has_mapping(current_user_ns(), ctx.stat.uid) || >> + !kgid_has_mapping(current_user_ns(), ctx.stat.gid)) >> + return -EOVERFLOW; >> + >> ctx.metacopy = ovl_need_meta_copy_up(dentry, ctx.stat.mode, flags); >> >> if (parent) { >> -- >> 2.25.1 >> > You are requesting to backport to kernel 5.10.y a fix to a bug that is tagged as > introduced in 5.11 with overlayfs unprivileged mounts. > > IOW, in kernel 5.10, current_user_ns() would always be init_user_ns. > > Am I missing something? > > Thanks, > Amir. > Sorry for this inconvientions, really this issue was introduced in 5.11 Danila