q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/fs
History
J. Bruce Fields d91d0b5690 nfsd: allow owner_override only for regular files 
We normally allow the owner of a file to override permissions checks on
IO operations, since:
	- the client will take responsibility for doing an access check
	  on open;
	- the permission checks offer no protection against malicious
	  clients--if they can authenticate as the file's owner then
	  they can always just change its permissions;
	- checking permission on each IO operation breaks the usual
	  posix rule that permission is checked only on open.

However, we've never allowed the owner to override permissions on
readdir operations, even though the above logic would also apply to
directories.  I've never heard of this causing a problem, probably
because a) simultaneously opening and creating a directory (with
restricted mode) isn't possible, and b) opening a directory, then
chmod'ing it, is rare.

Our disallowal of owner-override on directories appears to be an
accident, though--the readdir itself succeeds, and then we fail just
because lookup_one_len() calls in our filldir methods fail.

I'm not sure what the easiest fix for that would be.  For now, just make
this behavior obvious by denying the override right at the start.

This also fixes some odd v4 behavior: with the rdattr_error attribute
requested, it would perform the readdir but return an ACCES error with
each entry.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
 		2012-07-10 16:41:35 -04:00
..
9p kill v9fs_dentry_from_dir_inode() 2012-05-29 23:28:34 -04:00
adfs
affs affs: bury unused macros 2012-05-29 23:28:34 -04:00
afs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
autofs4 avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
befs
bfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
btrfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs 2012-06-16 17:01:41 -07:00
cachefiles
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
cifs CIFS: Move get_next_mid to ops struct 2012-06-01 12:35:19 -05:00
coda vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
configfs
cramfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-03-21 13:36:41 -07:00
debugfs debugfs: Add support to print u32 array in debugfs 2012-04-17 00:18:36 -04:00
devpts userns: Convert devpts to use kuid/kgid where appropriate 2012-05-15 14:59:26 -07:00
dlm dlm: NULL dereference on failure in kmem_cache_create() 2012-05-15 10:39:28 -05:00
ecryptfs get rid of pointless allocations and copying in ecryptfs_follow_link() 2012-05-29 23:28:40 -04:00
efs
exofs exofs: fix sparse non-ANSI function warning 2012-06-12 06:33:22 +03:00
exportfs ->encode_fh() API change 2012-05-29 23:28:33 -04:00
ext2 avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
ext3 avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
ext4 ext4: don't set i_flags in EXT4_IOC_SETFLAGS 2012-06-07 19:04:19 -04:00
fat Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
freevxfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
fscache
fuse Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse 2012-06-05 10:11:11 -07:00
gfs2 ->encode_fh() API change 2012-05-29 23:28:33 -04:00
hfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hfsplus hfsplus: fix bless ioctl when used with hardlinks 2012-06-17 14:39:59 -07:00
hostfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hpfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
hppfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
hugetlbfs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
isofs ->encode_fh() API change 2012-05-29 23:28:33 -04:00
jbd jbd: Write journal superblock with WRITE_FUA after checkpointing 2012-05-15 23:34:37 +02:00
jbd2 jbd2: use kmem_cache_zalloc wrapper instead of flag 2012-06-01 00:10:32 -04:00
jffs2 - More robust parsing especially of xattr data in JFFS2 2012-06-01 16:55:42 -07:00
jfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
lockd Merge branch 'for-3.5' of git://linux-nfs.org/~bfields/linux 2012-06-01 08:32:58 -07:00
logfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
minix vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
ncpfs fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
nfs NFS client bugfixes for Linux 3.5 2012-06-15 17:37:23 -07:00
nfs_common
nfsd nfsd: allow owner_override only for regular files 2012-07-10 16:41:35 -04:00
nilfs2 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
nls nls: fix (and rename) mac NLS table files and config options 2012-06-01 19:51:22 -07:00
notify fsnotify: remove unused parameter from send_to_group() 2012-05-30 21:04:53 -04:00
ntfs fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
ocfs2 ocfs: simplify symlink handling 2012-05-29 23:28:40 -04:00
omfs vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
openpromfs
proc vfs: Fix /proc/<tid>/fdinfo/<fd> file handling 2012-06-04 11:00:45 -07:00
pstore avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
qnx4 qnx4: new helper - try_extent() 2012-03-20 21:29:52 -04:00
qnx6
quota quota: Get rid of nested I_MUTEX_QUOTA locking subclass 2012-05-15 23:34:39 +02:00
ramfs
reiserfs reiserfs: get rid of resierfs_sync_super 2012-06-01 10:37:36 -04:00
romfs MTD merge for 3.4 2012-03-30 17:31:56 -07:00
squashfs Add an extra mount time sanity check, plus some code cleanups and bug fixes. 2012-03-28 18:05:54 -07:00
sysfs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
sysv vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
ubifs UBIFS: fix debugfs-less systems support 2012-06-07 10:43:54 +03:00
udf ->encode_fh() API change 2012-05-29 23:28:33 -04:00
ufs avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
xfs fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
Kconfig Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-03-21 13:36:41 -07:00
Kconfig.binfmt C6X: add support to build with BINFMT_ELF_FDPIC 2012-05-15 09:17:34 -04:00
Makefile
aio.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
anon_inodes.c
attr.c vfs: increment iversion when a file is truncated 2012-05-30 21:04:53 -04:00
bad_inode.c mm/fs: remove truncate_range 2012-05-29 16:22:23 -07:00
binfmt_aout.c VM: add "vm_mmap()" helper function 2012-04-20 17:29:13 -07:00
binfmt_elf.c binfmt_elf: switch elf_map() to vm_mmap/vm_munmap 2012-05-30 21:04:55 -04:00
binfmt_elf_fdpic.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
binfmt_em86.c
binfmt_flat.c binfmt_flat: use vm_munmap, we are missing ->mmap_sem there 2012-05-30 21:04:56 -04:00
binfmt_misc.c vfs: Rename end_writeback() to clear_inode() 2012-05-06 13:43:41 +08:00
binfmt_script.c
binfmt_som.c VM: add "vm_mmap()" helper function 2012-04-20 17:29:13 -07:00
bio-integrity.c
bio.c Merge branch 'for-3.5/core' of git://git.kernel.dk/linux-block 2012-05-30 08:52:42 -07:00
block_dev.c avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
buffer.c fs: Move bh_cachep to the __read_mostly section 2012-05-30 21:04:52 -04:00
char_dev.c
compat.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2012-06-01 11:53:44 -07:00
compat_binfmt_elf.c
compat_ioctl.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
dcache.c Revert "vfs: stop d_splice_alias creating directory aliases" 2012-06-08 10:34:03 -07:00
dcookies.c
direct-io.c NFS: Ensure that setattr and getattr wait for O_DIRECT write completion 2012-05-31 11:41:36 -07:00
drop_caches.c
eventfd.c eventfd: change int to __u64 in eventfd_signal() 2012-05-31 17:49:32 -07:00
eventpoll.c HAVE_RESTORE_SIGMASK is defined on all architectures now 2012-06-01 12:58:46 -04:00
exec.c Revert "mm: correctly synchronize rss-counters at exit/exec" 2012-06-07 17:54:07 -07:00
fcntl.c switch fcntl to fget_raw_light/fput_light 2012-05-29 23:28:30 -04:00
fhandle.c
fifo.c
file.c Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-03-29 18:12:23 -07:00
file_table.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
filesystems.c
fs-writeback.c writeback: Fix lock imbalance in writeback_sb_inodes() 2012-06-09 08:32:15 +09:00
fs_struct.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
generic_acl.c
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
internal.h vfs: split __dentry_open() 2012-06-01 12:12:00 -04:00
ioctl.c
ioprio.c Merge branch 'for-3.5/core' of git://git.kernel.dk/linux-block 2012-05-30 08:52:42 -07:00
libfs.c vfs: make it possible to access the dentry hash/len as one 64-bit entry 2012-05-10 19:54:35 -07:00
locks.c switch flock to fget_light/fput_light 2012-05-29 23:28:31 -04:00
mbcache.c
mount.h
mpage.c
namei.c vfs: retry last component if opening stale dentry 2012-06-01 12:12:01 -04:00
namespace.c vfs: umount_tree() might be called on subtree that had never made it 2012-05-30 21:04:55 -04:00
no-block.c
open.c vfs: nameidata_to_filp(): don't throw away file on error 2012-06-01 12:12:01 -04:00
pipe.c fs: introduce inode operation ->update_time 2012-06-01 12:07:25 -04:00
pnode.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
pnode.h
posix_acl.c
proc_namespace.c brlocks/lglocks: API cleanups 2012-05-29 23:28:41 -04:00
read_write.c aio/vfs: cleanup of rw_copy_check_uvector() and compat_rw_copy_check_uvector() 2012-05-31 17:49:32 -07:00
read_write.h
readdir.c switch readdir/getdents to fget_light/fput_light 2012-05-29 23:28:29 -04:00
select.c HAVE_RESTORE_SIGMASK is defined on all architectures now 2012-06-01 12:58:46 -04:00
seq_file.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
signalfd.c switch signalfd4() to fget_light/fput_light 2012-05-29 23:28:30 -04:00
splice.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
stack.c
stat.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
statfs.c switch statfs to fget_light/fput_light 2012-05-29 23:28:31 -04:00
super.c The following text was taken from the original review request: 2012-03-24 10:24:31 -07:00
sync.c switch do_fsync() to fget_light() 2012-05-29 23:28:29 -04:00
timerfd.c
utimes.c switch utimes() to fget_light/fput_light 2012-05-29 23:28:32 -04:00
xattr.c switch xattr syscalls to fget_light/fput_light 2012-05-29 23:28:30 -04:00
xattr_acl.c