On Tue, Aug 28, 2018 at 8:43 PM Amir Goldstein <amir73il@xxxxxxxxx> wrote:
>
> On Tue, Aug 28, 2018 at 7:53 PM Mark Salyzyn <salyzyn@xxxxxxxxxxx> wrote:
> >
> > Assumption never checked, should fail if the mounter creds are not
> > sufficient.
> >
> > Signed-off-by: Mark Salyzyn <salyzyn@xxxxxxxxxxx>
> > Cc: Miklos Szeredi <miklos@xxxxxxxxxx>
> > Cc: Jonathan Corbet <corbet@xxxxxxx>
> > Cc: Vivek Goyal <vgoyal@xxxxxxxxxx>
> > Cc: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> > Cc: Amir Goldstein <amir73il@xxxxxxxxx>
> > Cc: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
> > Cc: Stephen Smalley <sds@xxxxxxxxxxxxx>
> > Cc: linux-unionfs@xxxxxxxxxxxxxxx
> > Cc: linux-doc@xxxxxxxxxxxxxxx
> > Cc: linux-kernel@xxxxxxxxxxxxxxx
> >
> > v5
> > - dependency of "overlayfs: override_creds=off option bypass creator_cred"
> > ---
> > fs/overlayfs/overlayfs.h | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h
> > index 7538b9b56237..bf3a80157d42 100644
> > --- a/fs/overlayfs/overlayfs.h
> > +++ b/fs/overlayfs/overlayfs.h
> > @@ -176,7 +176,7 @@ static inline int ovl_do_rename(struct inode *olddir, struct dentry *olddentry,
> >
> > static inline int ovl_do_whiteout(struct inode *dir, struct dentry *dentry)
> > {
> > - int err = vfs_whiteout(dir, dentry);
> > + int err = capable(CAP_MKNOD) ? vfs_whiteout(dir, dentry) : -EPERM;
>
> Should that be ns_capable()? Should the test go into vfs_whiteout()?
> I feel there is no convention at all.
>
Nevermind, I don't think creating a whiteout poses any risk, so don't think
we need to worry about CAP_MKNOD.
Thanks,
Amir.
