[SRU][UNSTABLE][PATCH] UBUNTU: SAUCE: shiftfs: record correct creator credentials
Christian Brauner
christian at brauner.io
Fri Apr 10 14:55:28 UTC 2020
From: Christian Brauner <christian.brauner at ubuntu.com>
BugLink: https://bugs.launchpad.net/bugs/1872094
When shiftfs is nested we failed to be able to create any files or
access directories because we recorded the wrong creator credentials. We
need to record the credentials of the creator of the lowers mark mount
of shiftfs. Otherwise we aren't privileged wrt the shiftfs layer in
the nesting case. This is similar to how we always record the user
namespace of the base filesystem.
Suggested-by: Seth Forshee <seth.forshee at canonical.com>
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
fs/shiftfs.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/fs/shiftfs.c b/fs/shiftfs.c
index 3623d02b061e..5c39529d0a17 100644
--- a/fs/shiftfs.c
+++ b/fs/shiftfs.c
@@ -2020,6 +2020,7 @@ static int shiftfs_fill_super(struct super_block *sb, void *raw_data,
* parent mark mountpoint.
*/
sbinfo->passthrough_mark = sbinfo_mp->passthrough_mark;
+ sbinfo->creator_cred = get_cred(sbinfo_mp->creator_cred);
} else {
sbinfo->mnt = mntget(path.mnt);
dentry = dget(path.dentry);
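Review bot: The added sbinfo->creator_cred = get_cred(sbinfo_mp->creator_cred); line sits under a comment that only explains the passthrough mark, so the reason for inheriting the mark mount's credentials is undocumented at the one place it matters. A short comment stating that the nested mount reuses the mark mount creator's credentials, in the same way the passthrough mark is taken from the parent, would help. The reference is also taken earlier than the old prepare_creds() call was reached, so it is worth confirming that every error exit after this point drops it; those exits are not visible in this hunk.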
@@ -2028,16 +2029,16 @@ static int shiftfs_fill_super(struct super_block *sb, void *raw_data,
* are identical.
*/
sbinfo->passthrough_mark = sbinfo->passthrough;
- }
- cred_tmp = prepare_creds();
- if (!cred_tmp) {
- err = -ENOMEM;
- goto out_put_path;
+ cred_tmp = prepare_creds();
+ if (!cred_tmp) {
+ err = -ENOMEM;
+ goto out_put_path;
+ }
+ /* Don't override disk quota limits or use reserved space. */
+ cap_lower(cred_tmp->cap_effective, CAP_SYS_RESOURCE);
+ sbinfo->creator_cred = cred_tmp;
}
- /* Don't override disk quota limits or use reserved space. */
- cap_lower(cred_tmp->cap_effective, CAP_SYS_RESOURCE);
- sbinfo->creator_cred = cred_tmp;
} else {
/*
* This leg executes if we're admin capable in the namespace,
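Review bot: With prepare_creds() and cap_lower(cred_tmp->cap_effective, CAP_SYS_RESOURCE) moved inside the else branch, the nested branch no longer lowers CAP_SYS_RESOURCE itself and relies on the inherited mark mount credentials having had it lowered here. That holds as long as every mark mount's creator_cred is set up through this branch; a sentence in the comment above cap_lower() saying that nested mounts inherit these already-restricted credentials would make the dependency explicit. As a style point, cred_tmp is now used only in this branch, so it could be declared in the block or dropped in favour of a narrower local.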
base-commit: eb813ecd261d2c4c592bd4116aaa93f33c9ec4bd
--
2.26.0