xfs_io checks for CAP_SYS_ADMIN in order to open a
file_by_inode -- however, if the file one is opening
is owned by the user performing the call, the call should
not fail.
(i.e. it opens the user's own file).
patch against 5.10.2 is attached.
It gets rid of some unnecessary error messages if you
run xfs_restore to restore one of your own files.
--- fs/xfs/xfs_ioctl.c 2020-12-22 21:11:02.000000000 -0800
+++ fs/xfs/xfs_ioctl.c 2020-12-29 04:14:48.681102804 -0800
@@ -194,15 +194,21 @@
struct dentry *dentry;
fmode_t fmode;
struct path path;
+ bool conditional_perm = 0;
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
+ if (!capable(CAP_SYS_ADMIN)) conditional_perm=1;
dentry = xfs_handlereq_to_dentry(parfilp, hreq);
if (IS_ERR(dentry))
return PTR_ERR(dentry);
inode = d_inode(dentry);
+ /* only allow user access to their own file */
+ if (conditional_perm && !inode_owner_or_capable(inode)) {
+ error = -EPERM;
+ goto out_dput;
+ }
+
/* Restrict xfs_open_by_handle to directories & regular files. */
if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) {
error = -EPERM;
