Página inicial Explorar Ajuda
Entrar
iank
/
libreCMC
fork de libreCMC/libreCMC
1
0
Fork 0
Arquivos
Branch: v1.5
Branches Tags
libreCMC
/
target
/
linux
/
generic
/
patches-4.4
/
051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch

051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch 10 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336 
  1. From 3fe6e52f062643676eb4518d68cee3bc1272091b Mon Sep 17 00:00:00 2001
    2. 

  2. From: Antonio Murdaca <amurdaca@redhat.com>
    3. 

  3. Date: Thu, 7 Apr 2016 15:48:25 +0200
    4. 

  4. Subject: [PATCH] ovl: override creds with the ones from the superblock mounter
    5. 

  5. 

  6. In user namespace the whiteout creation fails with -EPERM because the
    7. 

  7. current process isn't capable(CAP_SYS_ADMIN) when setting xattr.
    8. 

  8. 

  9. A simple reproducer:
    10. 

  10. 

  11. $ mkdir upper lower work merged lower/dir
    12. 

  12. $ sudo mount -t overlay overlay -olowerdir=lower,upperdir=upper,workdir=work merged
    13. 

  13. $ unshare -m -p -f -U -r bash
    14. 

  14. 

  15. Now as root in the user namespace:
    16. 

  16. 

  17. \# touch merged/dir/{1,2,3} # this will force a copy up of lower/dir
    18. 

  18. \# rm -fR merged/*
    19. 

  19. 

  20. This ends up failing with -EPERM after the files in dir has been
    21. 

  21. correctly deleted:
    22. 

  22. 

  23. unlinkat(4, "2", 0)                     = 0
    24. 

  24. unlinkat(4, "1", 0)                     = 0
    25. 

  25. unlinkat(4, "3", 0)                     = 0
    26. 

  26. close(4)                                = 0
    27. 

  27. unlinkat(AT_FDCWD, "merged/dir", AT_REMOVEDIR) = -1 EPERM (Operation not
    28. 

  28. permitted)
    29. 

  29. 

  30. Interestingly, if you don't place files in merged/dir you can remove it,
    31. 

  31. meaning if upper/dir does not exist, creating the char device file works
    32. 

  32. properly in that same location.
    33. 

  33. 

  34. This patch uses ovl_sb_creator_cred() to get the cred struct from the
    35. 

  35. superblock mounter and override the old cred with these new ones so that
    36. 

  36. the whiteout creation is possible because overlay is wrong in assuming that
    37. 

  37. the creds it will get with prepare_creds will be in the initial user
    38. 

  38. namespace.  The old cap_raise game is removed in favor of just overriding
    39. 

  39. the old cred struct.
    40. 

  40. 

  41. This patch also drops from ovl_copy_up_one() the following two lines:
    42. 

  42. 

  43. override_cred->fsuid = stat->uid;
    44. 

  44. override_cred->fsgid = stat->gid;
    45. 

  45. 

  46. This is because the correct uid and gid are taken directly with the stat
    47. 

  47. struct and correctly set with ovl_set_attr().
    48. 

  48. 

  49. Signed-off-by: Antonio Murdaca <runcom@redhat.com>
    50. 

  50. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
    51. 

  51. ---
    52. 

  52.  fs/overlayfs/copy_up.c   | 26 +------------------
    53. 

  53.  fs/overlayfs/dir.c       | 67 ++++--------------------------------------------
    54. 

  54.  fs/overlayfs/overlayfs.h |  1 +
    55. 

  55.  fs/overlayfs/readdir.c   | 14 +++-------
    56. 

  56.  fs/overlayfs/super.c     | 18 ++++++++++++-
    57. 

  57.  5 files changed, 27 insertions(+), 99 deletions(-)
    58. 

  58. 

  59. --- a/fs/overlayfs/copy_up.c
    60. 

  60. +++ b/fs/overlayfs/copy_up.c
    61. 

  61. @@ -317,7 +317,6 @@ int ovl_copy_up_one(struct dentry *paren
    62. 

  62.  	struct dentry *upperdir;
    63. 

  63.  	struct dentry *upperdentry;
    64. 

  64.  	const struct cred *old_cred;
    65. 

  65. -	struct cred *override_cred;
    66. 

  66.  	char *link = NULL;
    67. 

  67.  
    68. 

  68.  	if (WARN_ON(!workdir))
    69. 

  69. @@ -336,28 +335,7 @@ int ovl_copy_up_one(struct dentry *paren
    70. 

  70.  			return PTR_ERR(link);
    71. 

  71.  	}
    72. 

  72.  
    73. 

  73. -	err = -ENOMEM;
    74. 

  74. -	override_cred = prepare_creds();
    75. 

  75. -	if (!override_cred)
    76. 

  76. -		goto out_free_link;
    77. 

  77. -
    78. 

  78. -	override_cred->fsuid = stat->uid;
    79. 

  79. -	override_cred->fsgid = stat->gid;
    80. 

  80. -	/*
    81. 

  81. -	 * CAP_SYS_ADMIN for copying up extended attributes
    82. 

  82. -	 * CAP_DAC_OVERRIDE for create
    83. 

  83. -	 * CAP_FOWNER for chmod, timestamp update
    84. 

  84. -	 * CAP_FSETID for chmod
    85. 

  85. -	 * CAP_CHOWN for chown
    86. 

  86. -	 * CAP_MKNOD for mknod
    87. 

  87. -	 */
    88. 

  88. -	cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
    89. 

  89. -	cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
    90. 

  90. -	cap_raise(override_cred->cap_effective, CAP_FOWNER);
    91. 

  91. -	cap_raise(override_cred->cap_effective, CAP_FSETID);
    92. 

  92. -	cap_raise(override_cred->cap_effective, CAP_CHOWN);
    93. 

  93. -	cap_raise(override_cred->cap_effective, CAP_MKNOD);
    94. 

  94. -	old_cred = override_creds(override_cred);
    95. 

  95. +	old_cred = ovl_override_creds(dentry->d_sb);
    96. 

  96.  
    97. 

  97.  	err = -EIO;
    98. 

  98.  	if (lock_rename(workdir, upperdir) != NULL) {
    99. 

  99. @@ -380,9 +358,7 @@ int ovl_copy_up_one(struct dentry *paren
    100. 

  100.  out_unlock:
    101. 

  101.  	unlock_rename(workdir, upperdir);
    102. 

  102.  	revert_creds(old_cred);
    103. 

  103. -	put_cred(override_cred);
    104. 

  104.  
    105. 

  105. -out_free_link:
    106. 

  106.  	if (link)
    107. 

  107.  		free_page((unsigned long) link);
    108. 

  108.  
    109. 

  109. --- a/fs/overlayfs/dir.c
    110. 

  110. +++ b/fs/overlayfs/dir.c
    111. 

  111. @@ -408,28 +408,13 @@ static int ovl_create_or_link(struct den
    112. 

  112.  		err = ovl_create_upper(dentry, inode, &stat, link, hardlink);
    113. 

  113.  	} else {
    114. 

  114.  		const struct cred *old_cred;
    115. 

  115. -		struct cred *override_cred;
    116. 

  116.  
    117. 

  117. -		err = -ENOMEM;
    118. 

  118. -		override_cred = prepare_creds();
    119. 

  119. -		if (!override_cred)
    120. 

  120. -			goto out_iput;
    121. 

  121. -
    122. 

  122. -		/*
    123. 

  123. -		 * CAP_SYS_ADMIN for setting opaque xattr
    124. 

  124. -		 * CAP_DAC_OVERRIDE for create in workdir, rename
    125. 

  125. -		 * CAP_FOWNER for removing whiteout from sticky dir
    126. 

  126. -		 */
    127. 

  127. -		cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
    128. 

  128. -		cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
    129. 

  129. -		cap_raise(override_cred->cap_effective, CAP_FOWNER);
    130. 

  130. -		old_cred = override_creds(override_cred);
    131. 

  131. +		old_cred = ovl_override_creds(dentry->d_sb);
    132. 

  132.  
    133. 

  133.  		err = ovl_create_over_whiteout(dentry, inode, &stat, link,
    134. 

  134.  					       hardlink);
    135. 

  135.  
    136. 

  136.  		revert_creds(old_cred);
    137. 

  137. -		put_cred(override_cred);
    138. 

  138.  	}
    139. 

  139.  
    140. 

  140.  	if (!err)
    141. 

  141. @@ -659,32 +644,11 @@ static int ovl_do_remove(struct dentry *
    142. 

  142.  	if (OVL_TYPE_PURE_UPPER(type)) {
    143. 

  143.  		err = ovl_remove_upper(dentry, is_dir);
    144. 

  144.  	} else {
    145. 

  145. -		const struct cred *old_cred;
    146. 

  146. -		struct cred *override_cred;
    147. 

  147. -
    148. 

  148. -		err = -ENOMEM;
    149. 

  149. -		override_cred = prepare_creds();
    150. 

  150. -		if (!override_cred)
    151. 

  151. -			goto out_drop_write;
    152. 

  152. -
    153. 

  153. -		/*
    154. 

  154. -		 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
    155. 

  155. -		 * CAP_DAC_OVERRIDE for create in workdir, rename
    156. 

  156. -		 * CAP_FOWNER for removing whiteout from sticky dir
    157. 

  157. -		 * CAP_FSETID for chmod of opaque dir
    158. 

  158. -		 * CAP_CHOWN for chown of opaque dir
    159. 

  159. -		 */
    160. 

  160. -		cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
    161. 

  161. -		cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
    162. 

  162. -		cap_raise(override_cred->cap_effective, CAP_FOWNER);
    163. 

  163. -		cap_raise(override_cred->cap_effective, CAP_FSETID);
    164. 

  164. -		cap_raise(override_cred->cap_effective, CAP_CHOWN);
    165. 

  165. -		old_cred = override_creds(override_cred);
    166. 

  166. +		const struct cred *old_cred = ovl_override_creds(dentry->d_sb);
    167. 

  167.  
    168. 

  168.  		err = ovl_remove_and_whiteout(dentry, is_dir);
    169. 

  169.  
    170. 

  170.  		revert_creds(old_cred);
    171. 

  171. -		put_cred(override_cred);
    172. 

  172.  	}
    173. 

  173.  out_drop_write:
    174. 

  174.  	ovl_drop_write(dentry);
    175. 

  175. @@ -723,7 +687,6 @@ static int ovl_rename2(struct inode *old
    176. 

  176.  	bool new_is_dir = false;
    177. 

  177.  	struct dentry *opaquedir = NULL;
    178. 

  178.  	const struct cred *old_cred = NULL;
    179. 

  179. -	struct cred *override_cred = NULL;
    180. 

  180.  
    181. 

  181.  	err = -EINVAL;
    182. 

  182.  	if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
    183. 

  183. @@ -792,26 +755,8 @@ static int ovl_rename2(struct inode *old
    184. 

  184.  	old_opaque = !OVL_TYPE_PURE_UPPER(old_type);
    185. 

  185.  	new_opaque = !OVL_TYPE_PURE_UPPER(new_type);
    186. 

  186.  
    187. 

  187. -	if (old_opaque || new_opaque) {
    188. 

  188. -		err = -ENOMEM;
    189. 

  189. -		override_cred = prepare_creds();
    190. 

  190. -		if (!override_cred)
    191. 

  191. -			goto out_drop_write;
    192. 

  192. -
    193. 

  193. -		/*
    194. 

  194. -		 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
    195. 

  195. -		 * CAP_DAC_OVERRIDE for create in workdir
    196. 

  196. -		 * CAP_FOWNER for removing whiteout from sticky dir
    197. 

  197. -		 * CAP_FSETID for chmod of opaque dir
    198. 

  198. -		 * CAP_CHOWN for chown of opaque dir
    199. 

  199. -		 */
    200. 

  200. -		cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
    201. 

  201. -		cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
    202. 

  202. -		cap_raise(override_cred->cap_effective, CAP_FOWNER);
    203. 

  203. -		cap_raise(override_cred->cap_effective, CAP_FSETID);
    204. 

  204. -		cap_raise(override_cred->cap_effective, CAP_CHOWN);
    205. 

  205. -		old_cred = override_creds(override_cred);
    206. 

  206. -	}
    207. 

  207. +	if (old_opaque || new_opaque)
    208. 

  208. +		old_cred = ovl_override_creds(old->d_sb);
    209. 

  209.  
    210. 

  210.  	if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) {
    211. 

  211.  		opaquedir = ovl_check_empty_and_clear(new);
    212. 

  212. @@ -942,10 +887,8 @@ out_dput_old:
    213. 

  213.  out_unlock:
    214. 

  214.  	unlock_rename(new_upperdir, old_upperdir);
    215. 

  215.  out_revert_creds:
    216. 

  216. -	if (old_opaque || new_opaque) {
    217. 

  217. +	if (old_opaque || new_opaque)
    218. 

  218.  		revert_creds(old_cred);
    219. 

  219. -		put_cred(override_cred);
    220. 

  220. -	}
    221. 

  221.  out_drop_write:
    222. 

  222.  	ovl_drop_write(old);
    223. 

  223.  out:
    224. 

  224. --- a/fs/overlayfs/overlayfs.h
    225. 

  225. +++ b/fs/overlayfs/overlayfs.h
    226. 

  226. @@ -150,6 +150,7 @@ void ovl_drop_write(struct dentry *dentr
    227. 

  227.  bool ovl_dentry_is_opaque(struct dentry *dentry);
    228. 

  228.  void ovl_dentry_set_opaque(struct dentry *dentry, bool opaque);
    229. 

  229.  bool ovl_is_whiteout(struct dentry *dentry);
    230. 

  230. +const struct cred *ovl_override_creds(struct super_block *sb);
    231. 

  231.  void ovl_dentry_update(struct dentry *dentry, struct dentry *upperdentry);
    232. 

  232.  struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
    233. 

  233.  			  unsigned int flags);
    234. 

  234. --- a/fs/overlayfs/readdir.c
    235. 

  235. +++ b/fs/overlayfs/readdir.c
    236. 

  236. @@ -36,6 +36,7 @@ struct ovl_dir_cache {
    237. 

  237.  
    238. 

  238.  struct ovl_readdir_data {
    239. 

  239.  	struct dir_context ctx;
    240. 

  240. +	struct dentry *dentry;
    241. 

  241.  	bool is_lowest;
    242. 

  242.  	struct rb_root root;
    243. 

  243.  	struct list_head *list;
    244. 

  244. @@ -205,17 +206,8 @@ static int ovl_check_whiteouts(struct de
    245. 

  245.  	struct ovl_cache_entry *p;
    246. 

  246.  	struct dentry *dentry;
    247. 

  247.  	const struct cred *old_cred;
    248. 

  248. -	struct cred *override_cred;
    249. 

  249. -
    250. 

  250. -	override_cred = prepare_creds();
    251. 

  251. -	if (!override_cred)
    252. 

  252. -		return -ENOMEM;
    253. 

  253.  
    254. 

  254. -	/*
    255. 

  255. -	 * CAP_DAC_OVERRIDE for lookup
    256. 

  256. -	 */
    257. 

  257. -	cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
    258. 

  258. -	old_cred = override_creds(override_cred);
    259. 

  259. +	old_cred = ovl_override_creds(rdd->dentry->d_sb);
    260. 

  260.  
    261. 

  261.  	err = mutex_lock_killable(&dir->d_inode->i_mutex);
    262. 

  262.  	if (!err) {
    263. 

  263. @@ -231,7 +223,6 @@ static int ovl_check_whiteouts(struct de
    264. 

  264.  		mutex_unlock(&dir->d_inode->i_mutex);
    265. 

  265.  	}
    266. 

  266.  	revert_creds(old_cred);
    267. 

  267. -	put_cred(override_cred);
    268. 

  268.  
    269. 

  269.  	return err;
    270. 

  270.  }
    271. 

  271. @@ -287,6 +278,7 @@ static int ovl_dir_read_merged(struct de
    272. 

  272.  	struct path realpath;
    273. 

  273.  	struct ovl_readdir_data rdd = {
    274. 

  274.  		.ctx.actor = ovl_fill_merge,
    275. 

  275. +		.dentry = dentry,
    276. 

  276.  		.list = list,
    277. 

  277.  		.root = RB_ROOT,
    278. 

  278.  		.is_lowest = false,
    279. 

  279. --- a/fs/overlayfs/super.c
    280. 

  280. +++ b/fs/overlayfs/super.c
    281. 

  281. @@ -42,6 +42,8 @@ struct ovl_fs {
    282. 

  282.  	long lower_namelen;
    283. 

  283.  	/* pathnames of lower and upper dirs, for show_options */
    284. 

  284.  	struct ovl_config config;
    285. 

  285. +	/* creds of process who forced instantiation of super block */
    286. 

  286. +	const struct cred *creator_cred;
    287. 

  287.  };
    288. 

  288.  
    289. 

  289.  struct ovl_dir_cache;
    290. 

  290. @@ -246,6 +248,13 @@ bool ovl_is_whiteout(struct dentry *dent
    291. 

  291.  	return inode && IS_WHITEOUT(inode);
    292. 

  292.  }
    293. 

  293.  
    294. 

  294. +const struct cred *ovl_override_creds(struct super_block *sb)
    295. 

  295. +{
    296. 

  296. +	struct ovl_fs *ofs = sb->s_fs_info;
    297. 

  297. +
    298. 

  298. +	return override_creds(ofs->creator_cred);
    299. 

  299. +}
    300. 

  300. +
    301. 

  301.  static bool ovl_is_opaquedir(struct dentry *dentry)
    302. 

  302.  {
    303. 

  303.  	int res;
    304. 

  304. @@ -587,6 +596,7 @@ static void ovl_put_super(struct super_b
    305. 

  305.  	kfree(ufs->config.lowerdir);
    306. 

  306.  	kfree(ufs->config.upperdir);
    307. 

  307.  	kfree(ufs->config.workdir);
    308. 

  308. +	put_cred(ufs->creator_cred);
    309. 

  309.  	kfree(ufs);
    310. 

  310.  }
    311. 

  311.  
    312. 

  312. @@ -1087,10 +1097,14 @@ static int ovl_fill_super(struct super_b
    313. 

  313.  	else
    314. 

  314.  		sb->s_d_op = &ovl_dentry_operations;
    315. 

  315.  
    316. 

  316. +	ufs->creator_cred = prepare_creds();
    317. 

  317. +	if (!ufs->creator_cred)
    318. 

  318. +		goto out_put_lower_mnt;
    319. 

  319. +
    320. 

  320.  	err = -ENOMEM;
    321. 

  321.  	oe = ovl_alloc_entry(numlower);
    322. 

  322.  	if (!oe)
    323. 

  323. -		goto out_put_lower_mnt;
    324. 

  324. +		goto out_put_cred;
    325. 

  325.  
    326. 

  326.  	root_dentry = d_make_root(ovl_new_inode(sb, S_IFDIR, oe));
    327. 

  327.  	if (!root_dentry)
    328. 

  328. @@ -1123,6 +1137,8 @@ static int ovl_fill_super(struct super_b
    329. 

  329.  
    330. 

  330.  out_free_oe:
    331. 

  331.  	kfree(oe);
    332. 

  332. +out_put_cred:
    333. 

  333. +	put_cred(ufs->creator_cred);
    334. 

  334.  out_put_lower_mnt:
    335. 

  335.  	for (i = 0; i < ufs->numlower; i++)
    336. 

  336.  		mntput(ufs->lower_mnt[i]);
    337.