Commit 090bd5f0 authored by Seth Forshee's avatar Seth Forshee Committed by Tim Gardner

UBUNTU: SAUCE: overlayfs: Propogate nosuid from lower and upper mounts

An overlayfs mount using an upper or lower directory from a
nosuid filesystem bypasses this restriction. Change this so
that if any lower or upper directory is nosuid at mount time the
overlayfs superblock is marked nosuid. This requires some
additions at the vfs level since nosuid currently only applies to
mounts, so a SB_I_NOSUID flag is added along with a helper
function to check a path for nosuid in both the mount and the
superblock.

BugLink: http://bugs.launchpad.net/bugs/1534961
BugLink: http://bugs.launchpad.net/bugs/1535150Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
Signed-off-by: default avatarAndy Whitcroft <apw@canonical.com>
parent e29f45d6
...@@ -107,6 +107,13 @@ bool path_noexec(const struct path *path) ...@@ -107,6 +107,13 @@ bool path_noexec(const struct path *path)
} }
EXPORT_SYMBOL(path_noexec); EXPORT_SYMBOL(path_noexec);
bool path_nosuid(const struct path *path)
{
return !mnt_may_suid(path->mnt) ||
(path->mnt->mnt_sb->s_iflags & SB_I_NOSUID);
}
EXPORT_SYMBOL(path_nosuid);
#ifdef CONFIG_USELIB #ifdef CONFIG_USELIB
/* /*
* Note that a shared library must be both readable and executable due to * Note that a shared library must be both readable and executable due to
...@@ -1300,7 +1307,7 @@ static void bprm_fill_uid(struct linux_binprm *bprm) ...@@ -1300,7 +1307,7 @@ static void bprm_fill_uid(struct linux_binprm *bprm)
bprm->cred->euid = current_euid(); bprm->cred->euid = current_euid();
bprm->cred->egid = current_egid(); bprm->cred->egid = current_egid();
if (!mnt_may_suid(bprm->file->f_path.mnt)) if (path_nosuid(&bprm->file->f_path))
return; return;
if (task_no_new_privs(current)) if (task_no_new_privs(current))
......
...@@ -1074,6 +1074,9 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent) ...@@ -1074,6 +1074,9 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
goto out_put_lowerpath; goto out_put_lowerpath;
} }
if (ufs->upper_mnt->mnt_flags & MNT_NOSUID)
sb->s_iflags |= SB_I_NOSUID;
ufs->workdir = ovl_workdir_create(ufs->upper_mnt, workpath.dentry); ufs->workdir = ovl_workdir_create(ufs->upper_mnt, workpath.dentry);
err = PTR_ERR(ufs->workdir); err = PTR_ERR(ufs->workdir);
if (IS_ERR(ufs->workdir)) { if (IS_ERR(ufs->workdir)) {
...@@ -1102,6 +1105,9 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent) ...@@ -1102,6 +1105,9 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
*/ */
mnt->mnt_flags |= MNT_READONLY; mnt->mnt_flags |= MNT_READONLY;
if (mnt->mnt_flags & MNT_NOSUID)
sb->s_iflags |= SB_I_NOSUID;
ufs->lower_mnt[ufs->numlower] = mnt; ufs->lower_mnt[ufs->numlower] = mnt;
ufs->numlower++; ufs->numlower++;
} }
......
...@@ -1229,6 +1229,7 @@ struct mm_struct; ...@@ -1229,6 +1229,7 @@ struct mm_struct;
/* sb->s_iflags */ /* sb->s_iflags */
#define SB_I_CGROUPWB 0x00000001 /* cgroup-aware writeback enabled */ #define SB_I_CGROUPWB 0x00000001 /* cgroup-aware writeback enabled */
#define SB_I_NOEXEC 0x00000002 /* Ignore executables on this fs */ #define SB_I_NOEXEC 0x00000002 /* Ignore executables on this fs */
#define SB_I_NOSUID 0x00000004 /* Ignore suid on this fs */
/* Possible states of 'frozen' field */ /* Possible states of 'frozen' field */
enum { enum {
...@@ -3047,5 +3048,6 @@ static inline bool dir_relax(struct inode *inode) ...@@ -3047,5 +3048,6 @@ static inline bool dir_relax(struct inode *inode)
} }
extern bool path_noexec(const struct path *path); extern bool path_noexec(const struct path *path);
extern bool path_nosuid(const struct path *path);
#endif /* _LINUX_FS_H */ #endif /* _LINUX_FS_H */
...@@ -453,7 +453,7 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c ...@@ -453,7 +453,7 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
if (!file_caps_enabled) if (!file_caps_enabled)
return 0; return 0;
if (!mnt_may_suid(bprm->file->f_path.mnt)) if (path_nosuid(&bprm->file->f_path))
return 0; return 0;
if (!current_in_userns(bprm->file->f_path.mnt->mnt_sb->s_user_ns)) if (!current_in_userns(bprm->file->f_path.mnt->mnt_sb->s_user_ns))
return 0; return 0;
......
...@@ -2194,7 +2194,7 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm, ...@@ -2194,7 +2194,7 @@ static int check_nnp_nosuid(const struct linux_binprm *bprm,
const struct task_security_struct *new_tsec) const struct task_security_struct *new_tsec)
{ {
int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS); int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS);
int nosuid = !mnt_may_suid(bprm->file->f_path.mnt); int nosuid = path_nosuid(&bprm->file->f_path);
int rc; int rc;
if (!nnp && !nosuid) if (!nnp && !nosuid)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment