diff options
author | Vivek Goyal <vgoyal@redhat.com> | 2016-07-01 16:34:29 -0400 |
---|---|---|
committer | Miklos Szeredi <mszeredi@redhat.com> | 2016-07-29 12:05:23 +0200 |
commit | 754f8cb72b42a3a6100d2bbb1cb885361a7310dd (patch) | |
tree | 307370378a607f2882df396417aaebed1ef1f590 | |
parent | 1175b6b8d96331676f1d436b089b965807f23b4a (diff) | |
download | linux-754f8cb72b42a3a6100d2bbb1cb885361a7310dd.tar.bz2 |
ovl: do not require mounter to have MAY_WRITE on lower
Now we have two levels of checks in ovl_permission(). overlay inode
is checked with the creds of task while underlying inode is checked
with the creds of mounter.
Looks like mounter does not have to have WRITE access to files on lower/.
So remove the MAY_WRITE from access mask for checks on underlying
lower inode.
This means task should still have the MAY_WRITE permission on lower
inode and mounter is not required to have MAY_WRITE.
It also solves the problem of read only NFS mounts being used as lower.
If __inode_permission(lower_inode, MAY_WRITE) is called on read only
NFS, it fails. By resetting MAY_WRITE, check succeeds and case of
read only NFS shold work with overlay without having to specify any
special mount options (default permission).
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
-rw-r--r-- | fs/overlayfs/inode.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index 5becbaf1cec7..8f7dd547cfb3 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -184,6 +184,8 @@ int ovl_permission(struct inode *inode, int mask) return err; old_cred = ovl_override_creds(inode->i_sb); + if (!is_upper) + mask &= ~(MAY_WRITE | MAY_APPEND); err = __inode_permission(realinode, mask); revert_creds(old_cred); |