Proof-of-concept implementation of chown() for union mounts. Copies
up the target file even if later permission checks fail.
---
fs/open.c | 33 +++++++++++++++++++++++++++------
1 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/fs/open.c b/fs/open.c
index e17f544..55d6b5b 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -30,6 +30,7 @@
#include <linux/falloc.h>
#include <linux/fs_struct.h>
#include <linux/ima.h>
+#include <linux/union.h>
#include "internal.h"
@@ -704,19 +705,39 @@ static int chown_common(struct path *path, uid_t user, gid_t group)
SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group)
{
- struct path path;
+ struct path parent;
+ struct path child;
+ struct vfsmount *mnt;
int error;
- error = user_path(filename, &path);
+ error = user_path_and_parent(AT_FDCWD, filename, 0, &parent, &child);
if (error)
goto out;
- error = mnt_want_write(path.mnt);
+
+ if (IS_MNT_UNION(parent.mnt))
+ mnt = parent.mnt;
+ else
+ mnt = child.mnt;
+
+ error = mnt_want_write(mnt);
if (error)
goto out_release;
- error = chown_common(&path, user, group);
- mnt_drop_write(path.mnt);
+ /*
+ * XXX Will copy up when operation fails, e.g., EPERM. We
+ * have to either (1) separate chown_common() into chown_ok()
+ * and chown_change(), or (2) push both parent and child path
+ * down into every check that could return failure. But this
+ * is good enough for a proof of concept.
+ */
+ error = union_copyup_path(&parent, &child);
+ if (error)
+ goto out_drop_write;
+ error = chown_common(&child, user, group);
+out_drop_write:
+ mnt_drop_write(mnt);
out_release:
- path_put(&path);
+ path_put(&child);
+ path_put(&parent);
out:
return error;
}
--
1.6.3.3
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
