首页 发现 帮助
登录
GfA
/
linux_kernel
5
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

ovl: dilute permission checks on lower only if not special file

Right now if file is on lower/, we remove MAY_WRITE/MAY_APPEND bits from
mask as lower/ will never be written and file will be copied up. But this
is not true for special files. These files are not copied up and are opened
in place. So don't dilute the checks for these types of files.

Reported-by: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Vivek Goyal 9 年之前
父节点
d837a49bd5
当前提交
e29841a0ab
共有 1 个文件被更改,包括 1 次插入1 次删除
分列视图 显示文件统计
  1. 1 1
      fs/overlayfs/inode.c

+ 1 - 1
fs/overlayfs/inode.c
查看文件 

@@ -137,7 +137,7 @@ int ovl_permission(struct inode *inode, int mask)
 
 		return err;
 
 
 	old_cred = ovl_override_creds(inode->i_sb);
 
-	if (!is_upper)
 
+	if (!is_upper && !special_file(realinode->i_mode))
 
 		mask &= ~(MAY_WRITE | MAY_APPEND);
 
 	err = inode_permission(realinode, mask);
 
 	revert_creds(old_cred);