Commit 38b78a5f authored May 11, 2016 by Miklos Szeredi Committed by Al Viro May 10, 2016

ovl: ignore permissions on underlying lookup



Generally permission checking is not necessary when overlayfs looks up a
dentry on one of the underlying layers, since search permission on base
directory was already checked in ovl_permission().

More specifically using lookup_one_len() causes a problem when the lower
directory lacks search permission for a specific user while the upper
directory does have search permission.  Since lookups are cached, this
causes inconsistency in behavior: success depends on who did the first
lookup.

So instead use lookup_hash() which doesn't do the permission check.

Reported-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>

parent 3c9fe8cd

fs/overlayfs/super.c

+1 −3

Original line number	Diff line number	Diff line
		@@ -411,9 +411,7 @@ static inline struct dentry ovl_lookup_real(struct dentry dir,
		{
		struct dentry *dentry;

		inode_lock(dir->d_inode);
		dentry = lookup_one_len(name->name, dir, name->len);
		inode_unlock(dir->d_inode);
		dentry = lookup_hash(name, dir);

		if (IS_ERR(dentry)) {
		if (PTR_ERR(dentry) == -ENOENT)