From patchwork Thu Nov 7 17:21:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1191330 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4789Hf035gz9sQy; Fri, 8 Nov 2019 04:24:12 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1iSlVu-00056m-Qq; Thu, 07 Nov 2019 17:24:06 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iSlVt-00056a-Jy for kernel-team@lists.ubuntu.com; Thu, 07 Nov 2019 17:24:05 +0000 Received: from mail-yw1-f72.google.com ([209.85.161.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iSlVt-0000oA-C4 for kernel-team@lists.ubuntu.com; Thu, 07 Nov 2019 17:24:05 +0000 Received: by mail-yw1-f72.google.com with SMTP id c68so486024ywe.9 for ; Thu, 07 Nov 2019 09:24:05 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=Syx6bt1miMIfub99/N9G3pZ3hEOirWO+rU8AodFGQy8=; b=Ej/CxEzd2g0MXQSElHxlTFB93X5qSZD9n6gWEyeqPo/Pm8PcjVDzYpLxJjk0IeJ28M MT7yzl/OToLVdiENO/cI3NBuQ4Icxrkf3ibv6nVY0wdTs/M9kkTO4WTO/mLDFyAMf+nr NLYwl5pfQc76rKZPvKJ6mYPP8Lch20JsmMsmsJcrHBS0xidhMU3eR1dCSVBf6JQf/pzU 2oZSvCn7NoqCIIPAMmBP3yJnwz35epxCcDwFpcxMjFVmePA+SG05YX3vWMNk/T4KvtkT BOprH4TwTIBYmxQRO4iyzS0eE68jtOKxJ5lH//VS7LWurgwhBfY3j8noujjb3YlK7W/j UXEQ== X-Gm-Message-State: APjAAAVaQ621Dz5aXha0+j7C9NFvOakjMR7TLYNxCKlBgV3RqXF4briU 6IbtzUbl6ImIFDK3Y8uIr3jDE+SO6ejj2AuVPXqUNQNaD9C4+IAyBnfLyplr0pQBGsdi5737Y1E 0AY6cUJhxJmbaMaWnO3xqwqsn0MbWiKgG7fWmvSj88w== X-Received: by 2002:a81:6705:: with SMTP id b5mr3235612ywc.10.1573147444254; Thu, 07 Nov 2019 09:24:04 -0800 (PST) X-Google-Smtp-Source: APXvYqw9SvdkkmB+t9cyZem2BCi2xz1s3IVCANsSAXZ5ijETJ3bYAvSHHg3kf/H4ekikXo+M4kjxKA== X-Received: by 2002:a81:6705:: with SMTP id b5mr3235580ywc.10.1573147443758; Thu, 07 Nov 2019 09:24:03 -0800 (PST) Received: from localhost ([136.37.150.243]) by smtp.gmail.com with ESMTPSA id s18sm2118888ywk.33.2019.11.07.09.24.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Nov 2019 09:24:03 -0800 (PST) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH][SRU][D/E] UBUNTU: SAUCE: fs: Move SB_I_NOSUID to the top of s_iflags Date: Thu, 7 Nov 2019 11:21:53 -0600 Message-Id: <20191107172153.30926-1-seth.forshee@canonical.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1851677 SB_I_NOSUID was added by a sauce patch, and over time it has come to occpy the same bit in s_iflags as SB_I_USERNS_VISIBLE without being noticed. overlayfs will set SB_I_NOSUID when any lower mount is nosuid. When this happens for a user namespace mount, mount_too_revealing() will perform additional, unnecessary checks which may block mounting when it should be allowed. Move SB_I_NOSUID to prevent this conflict, and move it to the top of s_iflags to make future conflicts less likely. Reported-by: Jann Horn Signed-off-by: Seth Forshee Acked-by: Sultan Alsawaf --- include/linux/fs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/fs.h b/include/linux/fs.h index 25bdf254d5c9..ff2767d66c31 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1380,12 +1380,12 @@ extern int send_sigurg(struct fown_struct *fown); #define SB_I_NOEXEC 0x00000002 /* Ignore executables on this fs */ #define SB_I_NODEV 0x00000004 /* Ignore devices on this fs */ #define SB_I_MULTIROOT 0x00000008 /* Multiple roots to the dentry tree */ -#define SB_I_NOSUID 0x00000010 /* Ignore suid on this fs */ /* sb->s_iflags to limit user namespace mounts */ #define SB_I_USERNS_VISIBLE 0x00000010 /* fstype already mounted */ #define SB_I_IMA_UNVERIFIABLE_SIGNATURE 0x00000020 #define SB_I_UNTRUSTED_MOUNTER 0x00000040 +#define SB_I_NOSUID 0x80000000 /* Ignore suid on this fs */ /* Possible states of 'frozen' field */ enum {