
[v2,2/2,Xenial,SRU] ovl: ignore permissions on underlying lookup

Message ID 1485813986-58913-3-git-send-email-seth.forshee@canonical.com
State New

Commit Message

Seth Forshee Jan. 30, 2017, 10:06 p.m. UTC
From: Miklos Szeredi <mszeredi@redhat.com>

BugLink: http://bugs.launchpad.net/bugs/1659417

Generally permission checking is not necessary when overlayfs looks up a
dentry on one of the underlying layers, since search permission on base
directory was already checked in ovl_permission().

More specifically using lookup_one_len() causes a problem when the lower
directory lacks search permission for a specific user while the upper
directory does have search permission.  Since lookups are cached, this
causes inconsistency in behavior: success depends on who did the first
lookup.

So instead use lookup_hash() which doesn't do the permission check.

Reported-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
(backported from commit 38b78a5f18584db6fa7441e0f4531b283b0e6725)
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
---
 fs/overlayfs/super.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

Patch

diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 526a2e193afe..e409ffba4a65 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -475,9 +475,7 @@  static inline struct dentry *ovl_lookup_real(struct dentry *dir,
 {
 	struct dentry *dentry;
 
-	mutex_lock(&dir->d_inode->i_mutex);
-	dentry = lookup_one_len(name->name, dir, name->len);
-	mutex_unlock(&dir->d_inode->i_mutex);
+	dentry = lookup_hash(name, dir);
 
 	if (IS_ERR(dentry)) {
 		if (PTR_ERR(dentry) == -ENOENT)
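
Review bot: the removed mutex_lock()/mutex_unlock() pair on dir->d_inode->i_mutex around the lookup is not accounted for in the commit message, which only explains dropping the permission check. These lines do not show whether lookup_hash() takes i_mutex itself, so please state in the changelog that it does, or say where the locking now lives, so a reader can confirm the lookup is still serialized on the directory. Because the new call skips the search-permission check, a one-line comment above `dentry = lookup_hash(name, dir);` noting that ovl_permission() has already checked the base directory would keep that dependency visible in the code. The "backported from" tag also does not say what differs from the upstream commit; a short bracketed note would help.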