From patchwork Sun Apr 14 15:44:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1085326 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44hwtG5YvVz9sBb; Mon, 15 Apr 2019 01:44:38 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1hFhJ1-0002Sw-Nm; Sun, 14 Apr 2019 15:44:31 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1hFhIx-0002Sc-9o for kernel-team@lists.ubuntu.com; Sun, 14 Apr 2019 15:44:27 +0000 Received: from mail-yb1-f198.google.com ([209.85.219.198]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1hFhIw-0001eo-T5 for kernel-team@lists.ubuntu.com; Sun, 14 Apr 2019 15:44:27 +0000 Received: by mail-yb1-f198.google.com with SMTP id k76so11335375ybk.0 for ; Sun, 14 Apr 2019 08:44:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=GaFBKJTjBKtOMZzW3+cXrN5zZa/yeZi7dJO/+MLQbYo=; b=SdJFYNzN5BOtkTzvlb9WQq9J2SC/HnH4VdbEiw6rECfI3e9Ak+eFCh6Es0fREhjNdT KDNltjkfRWJ7y+mu5agD5spjdYRsfssGtb94krVH3hb4CdHBqeOebMPjDuwk1v+dS6kC kwwksqaDRxEY7gTGnbu/pg6fmY256z22Jt2PgeE6CMDAEvnMywf/SP39sW2kJNudNfzO SpHrANRFEsdlaegK9LmR/HA7Tp3b/aiEpsOeRxpT+sPImAeoBIplz7pg0Nw5UYvu4tYn ixGwKJ6gOXtwTDNtPjgSeKz1UfHw8twnuThLqRHfE/AsCwF6eORD6vZ0Wz/4XHSPnoeZ UxEA== X-Gm-Message-State: APjAAAWOfsZ7zXIaNZPQI+hRgUag0+GKXFJfKZBLqsOx2vGt496Lef+D w/k4WMv4GOM+Dxuxc8B6ADdE3Eat/Rbbz1xczwnaODxN3yBHUpGpOyv+0qoOdrAi85JTy4Q1I8k Dm3Bh19w2UbcEXx1AFyQuKNmdTk5WQ7xLsYq8Gi0UfA== X-Received: by 2002:a25:d7c1:: with SMTP id o184mr7872878ybg.147.1555256665759; Sun, 14 Apr 2019 08:44:25 -0700 (PDT) X-Google-Smtp-Source: APXvYqzMv97F0wRPTpFlZl2pnLSwxwY8zWrhUVBkhLukYKeof5Ar7BjE26ONNYFNcc+8N5Z3G1MiuQ== X-Received: by 2002:a25:d7c1:: with SMTP id o184mr7872864ybg.147.1555256665490; Sun, 14 Apr 2019 08:44:25 -0700 (PDT) Received: from localhost ([2605:a601:ac2:fb20:1f0:4aea:f883:5b7d]) by smtp.gmail.com with ESMTPSA id k125sm29696973ywb.26.2019.04.14.08.44.24 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 14 Apr 2019 08:44:24 -0700 (PDT) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH 1/1][SRU][Disco] shiftfs: fix passing of attrs to underaly for setattr Date: Sun, 14 Apr 2019 10:44:22 -0500 Message-Id: <20190414154422.7284-2-seth.forshee@canonical.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190414154422.7284-1-seth.forshee@canonical.com> References: <20190414154422.7284-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" https://bugs.launchpad.net/bugs/1824717 shiftfs_setattr() makes a copy of the attrs it was passed to pass to the lower fs. It then calls setattr_prepare() with the original attrs, and this may make changes which are not reflected in the attrs passed to the lower fs. To fix this, copy the attrs to the new struct for the lower fs after calling setattr_prepare(). Additionally, notify_change() may have set ATTR_MODE when one of ATTR_KILL_S[UG]ID is set, and passing this combination to notify_change() will trigger a BUG(). Do as overlayfs and ecryptfs both do, and clear ATTR_MODE if either of those bits is set. Reviewed-by: Christian Brauner Signed-off-by: Seth Forshee --- fs/shiftfs.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/fs/shiftfs.c b/fs/shiftfs.c index e736fd6afcb4..8e064756ea0c 100644 --- a/fs/shiftfs.c +++ b/fs/shiftfs.c @@ -765,7 +765,7 @@ static int shiftfs_setattr(struct dentry *dentry, struct iattr *attr) { struct dentry *lowerd = dentry->d_fsdata; struct inode *loweri = lowerd->d_inode; - struct iattr newattr = *attr; + struct iattr newattr; const struct cred *oldcred; struct super_block *sb = dentry->d_sb; int err; @@ -774,9 +774,17 @@ static int shiftfs_setattr(struct dentry *dentry, struct iattr *attr) if (err) return err; + newattr = *attr; newattr.ia_uid = KUIDT_INIT(from_kuid(sb->s_user_ns, attr->ia_uid)); newattr.ia_gid = KGIDT_INIT(from_kgid(sb->s_user_ns, attr->ia_gid)); + /* + * mode change is for clearing setuid/setgid bits. Allow lower fs + * to interpret this in its own way. + */ + if (newattr.ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID)) + newattr.ia_valid &= ~ATTR_MODE; + inode_lock(loweri); oldcred = shiftfs_override_creds(dentry->d_sb); err = notify_change(lowerd, &newattr, NULL);