On Sun, Feb 12, 2023 at 11:02:02AM +0200, Amir Goldstein wrote:
> Greg,
>
> These two patches have been (correctly) auto selected to 5.15.y
> along with the two dependency patches tagged with:
> Stable-dep-of: b306e90ffabd ("ovl: remove privs in ovl_copyfile()")
> 9636e70ee2d3 ("ovl: use ovl_copy_{real,upper}attr() wrappers")
> a54843833caf ("ovl: store lower path in ovl_inode")
>
> It wasn't wrong to apply those patches with the two dependencies
> to 5.15.y, but it is not as easy to do for 5.10.y, so here is a
> very simple backport of the two fixes to 5.10.y, i.e.:
> replaced ovl_copyattr(X) with ovl_copyattr(ovl_inode_real(X), X).
>
> Note that the language "This fixes some failure in fstests..."
> in commit message means that those fixes are not enough for the
> tests to pass. Additional backports from v6.2 are needed for the
> tests to pass and I am collaborating those backports with Leah,
> so they will hit 5.15.y first before posting them for 5.10.y.
>
> Never the less, these overlayfs fixes are important security
> fixes, so they should be applied to LTS kernel even before
> all the cases in the fstests are fixed.
>
> Thanks,
> Amir.
>
> Amir Goldstein (2):
> ovl: remove privs in ovl_copyfile()
> ovl: remove privs in ovl_fallocate()
>
> fs/overlayfs/file.c | 28 +++++++++++++++++++++++++---
> 1 file changed, 25 insertions(+), 3 deletions(-)
>
> --
> 2.34.1
>
Now queued up, thanks.
greg k-h
