[PATCH v2 03/10] ovl: check privs before decoding file handle
Amir Goldstein
amir73il at gmail.com
Wed Dec 9 18:16:10 UTC 2020
On Wed, Dec 9, 2020 at 6:20 PM Miklos Szeredi <miklos at szeredi.hu> wrote:
>
> On Wed, Dec 9, 2020 at 11:13 AM Miklos Szeredi <miklos at szeredi.hu> wrote:
>
> > Hard link indexing should work without fh decoding, since it is only
> > encoding the file handle to search for the index entry, and encoding
> > is not privileged.
>
> Tested this a bit and while hard link indexing does work, inode
> lookup is broken since it uses the origin inode as a key (which is not
Yes, that is what I meant by ovl_check_origin() is broken.
> available) instead of using the origin value directly. This is
> fixable, but needs a fair amount of restructuring, so let's just
Maybe it also requires on-disk changes.
We should be able to use the origin fh as the key for lower inode,
but we need the lower st_inode for initializing the ovl inode with
correct ino. If we cannot decode lower inode from origin fh, I think
we would need to store the ino in user.overlay.ino on copy up or
maintain redirect, but redirect is not supported either with user ns mount...
> postpone this and disable index for now, as you suggested.
>
Nobody seems to be enabling it anyway :-/
Thanks,
Amir.
More information about the Linux-security-module-archive
mailing list