ANDROID: inode_owner_or_capable called during execv

Using old_creds as an indication that we are not overriding the
credentials, bypass call to inode_owner_or_capable.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Bug: 169988379
Fixes: 05acefb487 ("ovl: check permission to open real file")
Fixes: 6120a4d780 ("FROMLIST: overlayfs: override_creds=off option bypass creator_cred")
Change-Id: I6e8630de7367c93553e13a5c39c8e7011e90880a
John Stultz 2020-10-07 06:08:59 +00:00 committed by Mark Salyzyn
parent 38abe6e551
commit 710cc7493c


@ -53,7 +53,7 @@ static struct file *ovl_open_realfile(const struct file *file,
err = inode_permission(realinode, MAY_OPEN | acc_mode);
if (err) {
realfile = ERR_PTR(err);
} else if (!inode_owner_or_capable(realinode)) {
} else if (old_cred && !inode_owner_or_capable(realinode)) {
realfile = ERR_PTR(-EPERM);
} else {
realfile = open_with_fake_path(&file->f_path, flags, realinode,
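Review bot: The new condition `old_cred && !inode_owner_or_capable(realinode)` makes a NULL `old_cred` skip the owner/capability check entirely, and nothing in this hunk documents that NULL means "credentials were not overridden". In that case the open is gated only by `inode_permission(realinode, MAY_OPEN | acc_mode)` evaluated against the caller's own credentials. Please add a comment at the `else if` stating that convention and why dropping the check is safe in the non-override case, or test the override state explicitly instead of inferring it from the pointer, so that a later change to how `old_cred` is assigned cannot silently disable or re-enable the check. The commit message would also benefit from a sentence on what fails during execv with the unconditional check, since the subject line mentions it but the body does not.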