Commit 8eac98b8 authored by Vivek Goyal's avatar Vivek Goyal Committed by Miklos Szeredi

ovl: during copy up, switch to mounter's creds early

Now, we have the notion that copy up of a file is done with the creds
of mounter of overlay filesystem (as opposed to task). Right now before
we switch creds, we do some vfs_getattr() operations in the context of
task and that itself can fail. We should do that getattr() using the
creds of mounter instead.

So this patch switches to mounter's creds early during copy up process so
that even vfs_getattr() is done with mounter's creds.

Do not call revert_creds() unless we have already called
ovl_override_creds(). [Reported by Arnd Bergmann]
Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
parent 2b6bc7f4
...@@ -348,7 +348,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, ...@@ -348,7 +348,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
struct path parentpath; struct path parentpath;
struct dentry *upperdir; struct dentry *upperdir;
struct dentry *upperdentry; struct dentry *upperdentry;
const struct cred *old_cred;
char *link = NULL; char *link = NULL;
if (WARN_ON(!workdir)) if (WARN_ON(!workdir))
...@@ -369,8 +368,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, ...@@ -369,8 +368,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
return PTR_ERR(link); return PTR_ERR(link);
} }
old_cred = ovl_override_creds(dentry->d_sb);
err = -EIO; err = -EIO;
if (lock_rename(workdir, upperdir) != NULL) { if (lock_rename(workdir, upperdir) != NULL) {
pr_err("overlayfs: failed to lock workdir+upperdir\n"); pr_err("overlayfs: failed to lock workdir+upperdir\n");
...@@ -391,7 +388,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, ...@@ -391,7 +388,6 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
} }
out_unlock: out_unlock:
unlock_rename(workdir, upperdir); unlock_rename(workdir, upperdir);
revert_creds(old_cred);
if (link) if (link)
free_page((unsigned long) link); free_page((unsigned long) link);
...@@ -401,9 +397,9 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry, ...@@ -401,9 +397,9 @@ int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
int ovl_copy_up(struct dentry *dentry) int ovl_copy_up(struct dentry *dentry)
{ {
int err; int err = 0;
const struct cred *old_cred = ovl_override_creds(dentry->d_sb);
err = 0;
while (!err) { while (!err) {
struct dentry *next; struct dentry *next;
struct dentry *parent; struct dentry *parent;
...@@ -435,6 +431,7 @@ int ovl_copy_up(struct dentry *dentry) ...@@ -435,6 +431,7 @@ int ovl_copy_up(struct dentry *dentry)
dput(parent); dput(parent);
dput(next); dput(next);
} }
revert_creds(old_cred);
return err; return err;
} }
...@@ -19,6 +19,7 @@ static int ovl_copy_up_truncate(struct dentry *dentry) ...@@ -19,6 +19,7 @@ static int ovl_copy_up_truncate(struct dentry *dentry)
struct dentry *parent; struct dentry *parent;
struct kstat stat; struct kstat stat;
struct path lowerpath; struct path lowerpath;
const struct cred *old_cred;
parent = dget_parent(dentry); parent = dget_parent(dentry);
err = ovl_copy_up(parent); err = ovl_copy_up(parent);
...@@ -26,12 +27,14 @@ static int ovl_copy_up_truncate(struct dentry *dentry) ...@@ -26,12 +27,14 @@ static int ovl_copy_up_truncate(struct dentry *dentry)
goto out_dput_parent; goto out_dput_parent;
ovl_path_lower(dentry, &lowerpath); ovl_path_lower(dentry, &lowerpath);
err = vfs_getattr(&lowerpath, &stat);
if (err)
goto out_dput_parent;
old_cred = ovl_override_creds(dentry->d_sb);
err = vfs_getattr(&lowerpath, &stat);
if (!err) {
stat.size = 0; stat.size = 0;
err = ovl_copy_up_one(parent, dentry, &lowerpath, &stat); err = ovl_copy_up_one(parent, dentry, &lowerpath, &stat);
}
revert_creds(old_cred);
out_dput_parent: out_dput_parent:
dput(parent); dput(parent);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment