Commit 6742cee0 authored by Miklos Szeredi's avatar Miklos Szeredi

Revert "ovl: don't allow writing ioctl on lower layer"

This reverts commit 7c6893e3.

Overlayfs no longer relies on the vfs for checking writability of files.
Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
parent d561f218
...@@ -80,10 +80,8 @@ extern void __init mnt_init(void); ...@@ -80,10 +80,8 @@ extern void __init mnt_init(void);
extern int __mnt_want_write(struct vfsmount *); extern int __mnt_want_write(struct vfsmount *);
extern int __mnt_want_write_file(struct file *); extern int __mnt_want_write_file(struct file *);
extern int mnt_want_write_file_path(struct file *);
extern void __mnt_drop_write(struct vfsmount *); extern void __mnt_drop_write(struct vfsmount *);
extern void __mnt_drop_write_file(struct file *); extern void __mnt_drop_write_file(struct file *);
extern void mnt_drop_write_file_path(struct file *);
/* /*
* fs_struct.c * fs_struct.c
......
...@@ -430,73 +430,21 @@ int __mnt_want_write_file(struct file *file) ...@@ -430,73 +430,21 @@ int __mnt_want_write_file(struct file *file)
return mnt_clone_write(file->f_path.mnt); return mnt_clone_write(file->f_path.mnt);
} }
/**
* mnt_want_write_file_path - get write access to a file's mount
* @file: the file who's mount on which to take a write
*
* This is like mnt_want_write, but it takes a file and can
* do some optimisations if the file is open for write already
*
* Called by the vfs for cases when we have an open file at hand, but will do an
* inode operation on it (important distinction for files opened on overlayfs,
* since the file operations will come from the real underlying file, while
* inode operations come from the overlay).
*/
int mnt_want_write_file_path(struct file *file)
{
int ret;
sb_start_write(file->f_path.mnt->mnt_sb);
ret = __mnt_want_write_file(file);
if (ret)
sb_end_write(file->f_path.mnt->mnt_sb);
return ret;
}
static inline int may_write_real(struct file *file)
{
struct dentry *dentry = file->f_path.dentry;
struct dentry *upperdentry;
/* Writable file? */
if (file->f_mode & FMODE_WRITER)
return 0;
/* Not overlayfs? */
if (likely(!(dentry->d_flags & DCACHE_OP_REAL)))
return 0;
/* File refers to upper, writable layer? */
upperdentry = d_real(dentry, NULL, 0, D_REAL_UPPER);
if (upperdentry && file_inode(file) == d_inode(upperdentry))
return 0;
/* Lower layer: can't write to real file, sorry... */
return -EPERM;
}
/** /**
* mnt_want_write_file - get write access to a file's mount * mnt_want_write_file - get write access to a file's mount
* @file: the file who's mount on which to take a write * @file: the file who's mount on which to take a write
* *
* This is like mnt_want_write, but it takes a file and can * This is like mnt_want_write, but it takes a file and can
* do some optimisations if the file is open for write already * do some optimisations if the file is open for write already
*
* Mostly called by filesystems from their ioctl operation before performing
* modification. On overlayfs this needs to check if the file is on a read-only
* lower layer and deny access in that case.
*/ */
int mnt_want_write_file(struct file *file) int mnt_want_write_file(struct file *file)
{ {
int ret; int ret;
ret = may_write_real(file); sb_start_write(file->f_path.mnt->mnt_sb);
if (!ret) {
sb_start_write(file_inode(file)->i_sb);
ret = __mnt_want_write_file(file); ret = __mnt_want_write_file(file);
if (ret) if (ret)
sb_end_write(file_inode(file)->i_sb); sb_end_write(file->f_path.mnt->mnt_sb);
}
return ret; return ret;
} }
EXPORT_SYMBOL_GPL(mnt_want_write_file); EXPORT_SYMBOL_GPL(mnt_want_write_file);
...@@ -536,15 +484,9 @@ void __mnt_drop_write_file(struct file *file) ...@@ -536,15 +484,9 @@ void __mnt_drop_write_file(struct file *file)
__mnt_drop_write(file->f_path.mnt); __mnt_drop_write(file->f_path.mnt);
} }
void mnt_drop_write_file_path(struct file *file)
{
mnt_drop_write(file->f_path.mnt);
}
void mnt_drop_write_file(struct file *file) void mnt_drop_write_file(struct file *file)
{ {
__mnt_drop_write(file->f_path.mnt); mnt_drop_write(file->f_path.mnt);
sb_end_write(file_inode(file)->i_sb);
} }
EXPORT_SYMBOL(mnt_drop_write_file); EXPORT_SYMBOL(mnt_drop_write_file);
......
...@@ -707,12 +707,12 @@ int ksys_fchown(unsigned int fd, uid_t user, gid_t group) ...@@ -707,12 +707,12 @@ int ksys_fchown(unsigned int fd, uid_t user, gid_t group)
if (!f.file) if (!f.file)
goto out; goto out;
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (error) if (error)
goto out_fput; goto out_fput;
audit_file(f.file); audit_file(f.file);
error = chown_common(&f.file->f_path, user, group); error = chown_common(&f.file->f_path, user, group);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
out_fput: out_fput:
fdput(f); fdput(f);
out: out:
......
...@@ -23,7 +23,6 @@ ...@@ -23,7 +23,6 @@
#include <linux/posix_acl_xattr.h> #include <linux/posix_acl_xattr.h>
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include "internal.h"
static const char * static const char *
strcmp_prefix(const char *a, const char *a_prefix) strcmp_prefix(const char *a, const char *a_prefix)
...@@ -501,10 +500,10 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name, ...@@ -501,10 +500,10 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
if (!f.file) if (!f.file)
return error; return error;
audit_file(f.file); audit_file(f.file);
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (!error) { if (!error) {
error = setxattr(f.file->f_path.dentry, name, value, size, flags); error = setxattr(f.file->f_path.dentry, name, value, size, flags);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
} }
fdput(f); fdput(f);
return error; return error;
...@@ -733,10 +732,10 @@ SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name) ...@@ -733,10 +732,10 @@ SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
if (!f.file) if (!f.file)
return error; return error;
audit_file(f.file); audit_file(f.file);
error = mnt_want_write_file_path(f.file); error = mnt_want_write_file(f.file);
if (!error) { if (!error) {
error = removexattr(f.file->f_path.dentry, name); error = removexattr(f.file->f_path.dentry, name);
mnt_drop_write_file_path(f.file); mnt_drop_write_file(f.file);
} }
fdput(f); fdput(f);
return error; return error;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment