fuse: fix allowing operations
The following operation didn't check if sending the request was allowed: setattr listxattr statfs Some other operations don't explicitly do the check, but VFS calls ->permission() which checks this. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
42a2b6ad71
commit
e57ac68378
3 changed files with 17 additions and 1 deletions
|
@ -721,7 +721,7 @@ static int fuse_refresh_attributes(struct inode *inode)
|
||||||
* for which the owner of the mount has ptrace privilege. This
|
* for which the owner of the mount has ptrace privilege. This
|
||||||
* excludes processes started by other users, suid or sgid processes.
|
* excludes processes started by other users, suid or sgid processes.
|
||||||
*/
|
*/
|
||||||
static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
|
int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
|
||||||
{
|
{
|
||||||
if (fc->flags & FUSE_ALLOW_OTHER)
|
if (fc->flags & FUSE_ALLOW_OTHER)
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -1005,6 +1005,9 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr)
|
||||||
struct fuse_attr_out outarg;
|
struct fuse_attr_out outarg;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
|
if (!fuse_allow_task(fc, current))
|
||||||
|
return -EACCES;
|
||||||
|
|
||||||
if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
|
if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
|
||||||
err = inode_change_ok(inode, attr);
|
err = inode_change_ok(inode, attr);
|
||||||
if (err)
|
if (err)
|
||||||
|
@ -1172,6 +1175,9 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
|
||||||
struct fuse_getxattr_out outarg;
|
struct fuse_getxattr_out outarg;
|
||||||
ssize_t ret;
|
ssize_t ret;
|
||||||
|
|
||||||
|
if (!fuse_allow_task(fc, current))
|
||||||
|
return -EACCES;
|
||||||
|
|
||||||
if (fc->no_listxattr)
|
if (fc->no_listxattr)
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
|
||||||
|
|
|
@ -565,3 +565,8 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc);
|
||||||
* Is file type valid?
|
* Is file type valid?
|
||||||
*/
|
*/
|
||||||
int fuse_valid_type(int m);
|
int fuse_valid_type(int m);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Is task allowed to perform filesystem operation?
|
||||||
|
*/
|
||||||
|
int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task);
|
||||||
|
|
|
@ -287,6 +287,11 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
|
||||||
struct fuse_statfs_out outarg;
|
struct fuse_statfs_out outarg;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
|
if (!fuse_allow_task(fc, current)) {
|
||||||
|
buf->f_type = FUSE_SUPER_MAGIC;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
req = fuse_get_req(fc);
|
req = fuse_get_req(fc);
|
||||||
if (IS_ERR(req))
|
if (IS_ERR(req))
|
||||||
return PTR_ERR(req);
|
return PTR_ERR(req);
|
||||||
|
|
Loading…
Reference in a new issue