Commit 28455c5a authored by Seth Forshee's avatar Seth Forshee

fs: Ensure the mounter of a filesystem is privileged towards its inodes

The mounter of a filesystem should be privileged towards the
inodes of that filesystem. Extend the checks in
inode_owner_or_capable() and capable_wrt_inode_uidgid() to
permit access by users priviliged in the user namespace of the
inode's superblock.
Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
parent faa85be5
...@@ -1961,6 +1961,9 @@ bool inode_owner_or_capable(const struct inode *inode) ...@@ -1961,6 +1961,9 @@ bool inode_owner_or_capable(const struct inode *inode)
ns = current_user_ns(); ns = current_user_ns();
if (ns_capable(ns, CAP_FOWNER) && kuid_has_mapping(ns, inode->i_uid)) if (ns_capable(ns, CAP_FOWNER) && kuid_has_mapping(ns, inode->i_uid))
return true; return true;
if (ns_capable(inode->i_sb->s_user_ns, CAP_FOWNER))
return true;
return false; return false;
} }
EXPORT_SYMBOL(inode_owner_or_capable); EXPORT_SYMBOL(inode_owner_or_capable);
......
...@@ -437,13 +437,18 @@ EXPORT_SYMBOL(file_ns_capable); ...@@ -437,13 +437,18 @@ EXPORT_SYMBOL(file_ns_capable);
* *
* Return true if the current task has the given capability targeted at * Return true if the current task has the given capability targeted at
* its own user namespace and that the given inode's uid and gid are * its own user namespace and that the given inode's uid and gid are
* mapped into the current user namespace. * mapped into the current user namespace, or if the current task has
* the capability towards the user namespace of the inode's superblock.
*/ */
bool capable_wrt_inode_uidgid(const struct inode *inode, int cap) bool capable_wrt_inode_uidgid(const struct inode *inode, int cap)
{ {
struct user_namespace *ns = current_user_ns(); struct user_namespace *ns;
return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) && ns = current_user_ns();
kgid_has_mapping(ns, inode->i_gid); if (ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) &&
kgid_has_mapping(ns, inode->i_gid))
return true;
return ns_capable(inode->i_sb->s_user_ns, cap);
} }
EXPORT_SYMBOL(capable_wrt_inode_uidgid); EXPORT_SYMBOL(capable_wrt_inode_uidgid);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment