Message ID | 1447778351-118699-3-git-send-email-seth.forshee@canonical.com |
---|---|
State | Not Applicable |
Headers | show
Return-Path: <linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2001:1868:205::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 35C3F141448 for <incoming@patchwork.ozlabs.org>; Wed, 18 Nov 2015 03:45:42 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical_com.20150623.gappssmtp.com header.i=@canonical_com.20150623.gappssmtp.com header.b=zVM6u1pq; dkim-atps=neutral Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1ZyjJ2-00050w-Vg; Tue, 17 Nov 2015 16:40:32 +0000 Received: from mail-ig0-x22a.google.com ([2607:f8b0:4001:c05::22a]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1ZyjIv-0004Cx-Tn for linux-mtd@lists.infradead.org; Tue, 17 Nov 2015 16:40:27 +0000 Received: by igcph11 with SMTP id ph11so82746579igc.1 for <linux-mtd@lists.infradead.org>; Tue, 17 Nov 2015 08:40:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical_com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=82307GhF4DfEulDFlEN5o0F3tZyKr/GCBK6KOIrNfu0=; b=zVM6u1pq2AXxM/14EVK4XFXSc/qsLT3rCXKsJfbR1XJiohq6LHd/2JIopsnQi+RZZz zvgyc5KnKVwwHn0H1kRdwRtwvwFq4768+d8iz5VCXnrLnVt1NmPyj8k/9roYKBOjXqNj K6SX33tk4QVoIcs5291R6GFukAZVjjc9PMePvngomshMazzuYBiXhrJOCnBblx+aihtC aoV7JWFXY39XdFGJBquWjwDPSf7CDlqtTYLPKHoSYpKmWdTxYm+947r+LG30GYoQ5p8n EJU2Ci4J+vJQgv/TRnpP4noSAMsPvOVHGeyFZS4MaEoGdAcWQDBhPZKtlNAxxWcCnw8b 0y8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=82307GhF4DfEulDFlEN5o0F3tZyKr/GCBK6KOIrNfu0=; b=gHPQx/LeMVCLjoIOsnRSxyHWWSuEIjX4sg9+9lBhNFPQNcQU4BUW9ji0cNMuFiy51M Zjf7cgXThLpBMFcjMGQ2Rkwvlo2CGhF1UNWUNLQ45z/UNHGX6WNv+cBoJho9ICZ12p4J djAseUY5QM6oXzFzgLBJ19CEEU1bTpcUzadAa0bkf2c/gjgbkue/Y7icBaBkNpOFELJH Tde2IhtLpQiLyJRaf4QnkM1SSJdDwJ5xXMg/tG8wy8GdTOqDcvGbzcaoLnT9DNe0Ij3b kYyGT2FblClMfohuz8Rxenw9+LKMJuE5FW+iSyuDBgNoPOYp58/6e70TOoYYJmUn3is2 NIKA== X-Gm-Message-State: ALoCoQkPVbvKhC5VQR9n5Np0YiZtu3Z2/vTBC65FWBlmjMuFr9F8c1stm6oMGFk5V0D4CsBQL433 X-Received: by 10.50.78.194 with SMTP id d2mr2742488igx.72.1447778404956; Tue, 17 Nov 2015 08:40:04 -0800 (PST) Received: from localhost (199-87-125-144.dyn.kc.surewest.net. [199.87.125.144]) by smtp.gmail.com with ESMTPSA id 81sm13239047iot.17.2015.11.17.08.40.04 (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Tue, 17 Nov 2015 08:40:04 -0800 (PST) From: Seth Forshee <seth.forshee@canonical.com> To: "Eric W. Biederman" <ebiederm@xmission.com>, Alexander Viro <viro@zeniv.linux.org.uk> Subject: [PATCH v3 2/7] block_dev: Check permissions towards block device inode when mounting Date: Tue, 17 Nov 2015 10:39:05 -0600 Message-Id: <1447778351-118699-3-git-send-email-seth.forshee@canonical.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1447778351-118699-1-git-send-email-seth.forshee@canonical.com> References: <1447778351-118699-1-git-send-email-seth.forshee@canonical.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20151117_084026_102013_726A1B8A X-CRM114-Status: GOOD ( 10.75 ) X-Spam-Score: -2.6 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.6 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2607:f8b0:4001:c05:0:0:0:22a listed in] [list.dnswl.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-mtd@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Linux MTD discussion mailing list <linux-mtd.lists.infradead.org> List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-mtd>, <mailto:linux-mtd-request@lists.infradead.org?subject=unsubscribe> List-Archive: <http://lists.infradead.org/pipermail/linux-mtd/> List-Post: <mailto:linux-mtd@lists.infradead.org> List-Help: <mailto:linux-mtd-request@lists.infradead.org?subject=help> List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-mtd>, <mailto:linux-mtd-request@lists.infradead.org?subject=subscribe> Cc: Serge Hallyn <serge.hallyn@canonical.com>, dm-devel@redhat.com, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>, linux-raid@vger.kernel.org, Seth Forshee <seth.forshee@canonical.com>, linux-bcache@vger.kernel.org, linux-mtd@lists.infradead.org, selinux@tycho.nsa.gov, linux-fsdevel@vger.kernel.org MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-mtd" <linux-mtd-bounces@lists.infradead.org> Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org |
diff --git a/fs/block_dev.c b/fs/block_dev.c index f1f0aa7214a3..54d94cd64577 100644 --- a/fs/block_dev.c +++ b/fs/block_dev.c @@ -1394,9 +1394,14 @@ struct block_device *blkdev_get_by_path(const char *path, fmode_t mode, void *holder) { struct block_device *bdev; + int perm = 0; int err; - bdev = lookup_bdev(path, 0); + if (mode & FMODE_READ) + perm |= MAY_READ; + if (mode & FMODE_WRITE) + perm |= MAY_WRITE; + bdev = lookup_bdev(path, perm); if (IS_ERR(bdev)) return bdev;
Unprivileged users should not be able to mount block devices when they lack sufficient privileges towards the block device inode. Update blkdev_get_by_path() to validate that the user has the required access to the inode at the specified path. The check will be skipped for CAP_SYS_ADMIN, so privileged mounts will continue working as before. Signed-off-by: Seth Forshee <seth.forshee@canonical.com> --- fs/block_dev.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)