summaryrefslogtreecommitdiff
path: root/fs/overlayfs
diff options
context:
space:
mode:
authorMiklos Szeredi <mszeredi@redhat.com>2016-05-11 01:16:37 +0200
committerAl Viro <viro@zeniv.linux.org.uk>2016-05-10 23:58:18 -0400
commit38b78a5f18584db6fa7441e0f4531b283b0e6725 (patch)
treecdb15adf5fe5c201c87d17c7847cf07484d8a441 /fs/overlayfs
parent3c9fe8cdff1b889a059a30d22f130372f2b3885f (diff)
downloadlwn-38b78a5f18584db6fa7441e0f4531b283b0e6725.tar.gz
lwn-38b78a5f18584db6fa7441e0f4531b283b0e6725.zip
ovl: ignore permissions on underlying lookup
Generally permission checking is not necessary when overlayfs looks up a dentry on one of the underlying layers, since search permission on base directory was already checked in ovl_permission(). More specifically using lookup_one_len() causes a problem when the lower directory lacks search permission for a specific user while the upper directory does have search permission. Since lookups are cached, this causes inconsistency in behavior: success depends on who did the first lookup. So instead use lookup_hash() which doesn't do the permission check. Reported-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs/overlayfs')
-rw-r--r--fs/overlayfs/super.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 5d972e6cd3fe..791235e03d17 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -411,9 +411,7 @@ static inline struct dentry *ovl_lookup_real(struct dentry *dir,
{
struct dentry *dentry;
- inode_lock(dir->d_inode);
- dentry = lookup_one_len(name->name, dir, name->len);
- inode_unlock(dir->d_inode);
+ dentry = lookup_hash(name, dir);
if (IS_ERR(dentry)) {
if (PTR_ERR(dentry) == -ENOENT)