On Tue, Aug 28, 2018 at 7:53 PM Mark Salyzyn <salyzyn@xxxxxxxxxxx> wrote:
>
> Assumption never checked, should fail if the mounter creds are not
> sufficient.
>
> Signed-off-by: Mark Salyzyn <salyzyn@xxxxxxxxxxx>
> Cc: Miklos Szeredi <miklos@xxxxxxxxxx>
> Cc: Jonathan Corbet <corbet@xxxxxxx>
> Cc: Vivek Goyal <vgoyal@xxxxxxxxxx>
> Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> Cc: Amir Goldstein <amir73il@xxxxxxxxx>
> Cc: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
> Cc: Stephen Smalley <sds@xxxxxxxxxxxxx>
> Cc: linux-unionfs@xxxxxxxxxxxxxxx
> Cc: linux-doc@xxxxxxxxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
>
> v5
> - dependency of "overlayfs: override_creds=off option bypass creator_cred"
> ---
> fs/overlayfs/overlayfs.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h
> index 7538b9b56237..bf3a80157d42 100644
> --- a/fs/overlayfs/overlayfs.h
> +++ b/fs/overlayfs/overlayfs.h
> @@ -176,7 +176,7 @@ static inline int ovl_do_rename(struct inode *olddir, struct dentry *olddentry,
>
> static inline int ovl_do_whiteout(struct inode *dir, struct dentry *dentry)
> {
> - int err = vfs_whiteout(dir, dentry);
> + int err = capable(CAP_MKNOD) ? vfs_whiteout(dir, dentry) : -EPERM;
Should that be ns_capable()? Should the test go into vfs_whiteout()?
I feel there is no convention at all.
Thanks,
Amir.
