Commit e57ac683 authored by Miklos Szeredi's avatar Miklos Szeredi Committed by Linus Torvalds

fuse: fix allowing operations

The following operation didn't check if sending the request was allowed:

  setattr
  listxattr
  statfs

Some other operations don't explicitly do the check, but VFS calls
->permission() which checks this.
Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 42a2b6ad
...@@ -721,7 +721,7 @@ static int fuse_refresh_attributes(struct inode *inode) ...@@ -721,7 +721,7 @@ static int fuse_refresh_attributes(struct inode *inode)
* for which the owner of the mount has ptrace privilege. This * for which the owner of the mount has ptrace privilege. This
* excludes processes started by other users, suid or sgid processes. * excludes processes started by other users, suid or sgid processes.
*/ */
static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
{ {
if (fc->flags & FUSE_ALLOW_OTHER) if (fc->flags & FUSE_ALLOW_OTHER)
return 1; return 1;
...@@ -1005,6 +1005,9 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr) ...@@ -1005,6 +1005,9 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr)
struct fuse_attr_out outarg; struct fuse_attr_out outarg;
int err; int err;
if (!fuse_allow_task(fc, current))
return -EACCES;
if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
err = inode_change_ok(inode, attr); err = inode_change_ok(inode, attr);
if (err) if (err)
...@@ -1172,6 +1175,9 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size) ...@@ -1172,6 +1175,9 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
struct fuse_getxattr_out outarg; struct fuse_getxattr_out outarg;
ssize_t ret; ssize_t ret;
if (!fuse_allow_task(fc, current))
return -EACCES;
if (fc->no_listxattr) if (fc->no_listxattr)
return -EOPNOTSUPP; return -EOPNOTSUPP;
......
...@@ -565,3 +565,8 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc); ...@@ -565,3 +565,8 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc);
* Is file type valid? * Is file type valid?
*/ */
int fuse_valid_type(int m); int fuse_valid_type(int m);
/**
* Is task allowed to perform filesystem operation?
*/
int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task);
...@@ -287,6 +287,11 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf) ...@@ -287,6 +287,11 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
struct fuse_statfs_out outarg; struct fuse_statfs_out outarg;
int err; int err;
if (!fuse_allow_task(fc, current)) {
buf->f_type = FUSE_SUPER_MAGIC;
return 0;
}
req = fuse_get_req(fc); req = fuse_get_req(fc);
if (IS_ERR(req)) if (IS_ERR(req))
return PTR_ERR(req); return PTR_ERR(req);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment