[PATCH 33/34] overlayfs: handle idmapped merged mounts
Amir Goldstein
amir73il at gmail.com
Fri Oct 30 09:57:24 UTC 2020
> -int ovl_permission(struct inode *inode, int mask)
> +int ovl_permission_mapped(struct user_namespace *user_ns,
> + struct inode *inode, int mask)
> {
> struct inode *upperinode = ovl_inode_upper(inode);
> struct inode *realinode = upperinode ?: ovl_inode_lower(inode);
> - struct user_namespace *user_ns;
> + struct user_namespace *real_user_ns;
> const struct cred *old_cred;
> int err;
>
> @@ -302,15 +313,15 @@ int ovl_permission(struct inode *inode, int mask)
> }
>
> if (upperinode)
> - user_ns = ovl_upper_mnt_user_ns(OVL_FS(inode->i_sb));
> + real_user_ns = ovl_upper_mnt_user_ns(OVL_FS(inode->i_sb));
> else
> - user_ns = OVL_I(inode)->lower_user_ns;
> + real_user_ns = OVL_I(inode)->lower_user_ns;
These changes look strange in this patch. Better use real_user_ns in previous
patch.
Thanks,
Amir.
More information about the Linux-security-module-archive
mailing list