linux-hardened/fs/overlayfs
Miklos Szeredi 38b78a5f18 ovl: ignore permissions on underlying lookup
Generally permission checking is not necessary when overlayfs looks up a
dentry on one of the underlying layers, since search permission on base
directory was already checked in ovl_permission().

More specifically using lookup_one_len() causes a problem when the lower
directory lacks search permission for a specific user while the upper
directory does have search permission.  Since lookups are cached, this
causes inconsistency in behavior: success depends on who did the first
lookup.

So instead use lookup_hash() which doesn't do the permission check.

Reported-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2016-05-10 23:58:18 -04:00
..
copy_up.c ovl: fixed coding style warning 2016-03-21 17:31:45 +01:00
dir.c ovl: cleanup unused var in rename2 2016-03-21 17:31:46 +01:00
inode.c ovl: copy new uid/gid into overlayfs runtime inode 2016-03-03 17:17:46 +01:00
Kconfig ovl: rename filesystem type to "overlay" 2014-11-20 16:39:59 +01:00
Makefile ovl: rename filesystem type to "overlay" 2014-11-20 16:39:59 +01:00
overlayfs.h ovl: Ensure upper filesystem supports d_type 2016-03-21 17:31:45 +01:00
readdir.c ovl: rename is_merge to is_lowest 2016-03-21 17:31:46 +01:00
super.c ovl: ignore permissions on underlying lookup 2016-05-10 23:58:18 -04:00