openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

FROMLIST: overlayfs: inode_owner_or_capable called during execv 

Using old_creds as an indication that we are not overriding the
credentials, bypass call to inode_owner_or_capable.  This solves
a problem with all execv calls being blocked when using the caller's
credentials.

Bug: 204981027
Link: https://lore.kernel.org/lkml/20211117015806.2192263-5-dvander@google.com
Change-Id: Ifa966dabda7413873614d1da24629dc8054db131
Signed-off-by: David Anderson <dvander@google.com>
Signed-off-by: Mark Salyzyn <salyzyn@android.com>
This commit is contained in:
David Anderson 2021-11-03 22:41:40 -07:00
parent 0792ff2e87
commit 5accf46108
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fs/overlayfs/file.c
View File

@ -56,7 +56,8 @@ static struct file *ovl_open_realfile(const struct file *file,
if (err) {
realfile = ERR_PTR(err);
} else {
if (!inode_owner_or_capable(&init_user_ns, realinode))
if (old_cred && !inode_owner_or_capable(&init_user_ns,
realinode))
flags &= ~O_NOATIME;
realfile = open_with_fake_path(&file->f_path, flags, realinode,