diff options
author | Miklos Szeredi <mszeredi@redhat.com> | 2016-05-11 02:16:37 +0300 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2016-05-11 06:58:18 +0300 |
commit | 38b78a5f18584db6fa7441e0f4531b283b0e6725 (patch) | |
tree | cdb15adf5fe5c201c87d17c7847cf07484d8a441 | |
parent | 3c9fe8cdff1b889a059a30d22f130372f2b3885f (diff) | |
download | linux-38b78a5f18584db6fa7441e0f4531b283b0e6725.tar.xz |
ovl: ignore permissions on underlying lookup
Generally permission checking is not necessary when overlayfs looks up a
dentry on one of the underlying layers, since search permission on base
directory was already checked in ovl_permission().
More specifically using lookup_one_len() causes a problem when the lower
directory lacks search permission for a specific user while the upper
directory does have search permission. Since lookups are cached, this
causes inconsistency in behavior: success depends on who did the first
lookup.
So instead use lookup_hash() which doesn't do the permission check.
Reported-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
-rw-r--r-- | fs/overlayfs/super.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index 5d972e6cd3fe..791235e03d17 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -411,9 +411,7 @@ static inline struct dentry *ovl_lookup_real(struct dentry *dir, { struct dentry *dentry; - inode_lock(dir->d_inode); - dentry = lookup_one_len(name->name, dir, name->len); - inode_unlock(dir->d_inode); + dentry = lookup_hash(name, dir); if (IS_ERR(dentry)) { if (PTR_ERR(dentry) == -ENOENT) |