Add checks to inode_change_ok to verify that uid and gid changes
will map into the superblock's user namespace. If they do not,
fail with -EOVERFLOW. This cannot be overridden with ATTR_FORCE.

Signed-off-by: Seth Forshee <[email protected]>
Acked-by: Serge Hallyn <[email protected]>
Signed-off-by: Pavel Tikhomirov <[email protected]>
---
 fs/attr.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/fs/attr.c b/fs/attr.c
index 7262f3b..14c45f5 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -42,6 +42,17 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr)
                        return error;
        }
 
+       /*
+        * Verify that uid/gid changes are valid in the target namespace
+        * of the superblock. This cannot be overriden using ATTR_FORCE.
+        */
+       if (ia_valid & ATTR_UID &&
+           from_kuid(inode->i_sb->s_user_ns, attr->ia_uid) == (uid_t)-1)
+               return -EOVERFLOW;
+       if (ia_valid & ATTR_GID &&
+           from_kgid(inode->i_sb->s_user_ns, attr->ia_gid) == (gid_t)-1)
+               return -EOVERFLOW;
+
        /* If force is set do it anyway. */
        if (ia_valid & ATTR_FORCE)
                return 0;
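Review bot: The two added tests open-code the "has a mapping" check by comparing `from_kuid()`/`from_kgid()` against `(uid_t)-1`/`(gid_t)-1`. The existing helpers state that intent directly, e.g. `if ((ia_valid & ATTR_UID) && !kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))`, with `kgid_has_mapping()` used the same way for the gid test. The added parentheses around the `&` test also make the precedence obvious. Placing the check ahead of the ATTR_FORCE early return is what makes it non-bypassable, but it only protects callers that reach inode_change_ok; any ->setattr implementation that skips this function would presumably still accept an unmappable id, so that is worth confirming for the filesystems that can be mounted with a non-initial s_user_ns. The new comment should also spell `overridden`. The function body starts and ends outside this hunk.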
-- 
1.9.3
