提交 38b78a5f 编写于 作者: M Miklos Szeredi 提交者: Al Viro

ovl: ignore permissions on underlying lookup

Generally permission checking is not necessary when overlayfs looks up a
dentry on one of the underlying layers, since search permission on base
directory was already checked in ovl_permission().

More specifically using lookup_one_len() causes a problem when the lower
directory lacks search permission for a specific user while the upper
directory does have search permission.  Since lookups are cached, this
causes inconsistency in behavior: success depends on who did the first
lookup.

So instead use lookup_hash() which doesn't do the permission check.
Reported-by: NIgnacy Gawędzki <ignacy.gawedzki@green-communications.fr>
Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
上级 3c9fe8cd
...@@ -411,9 +411,7 @@ static inline struct dentry *ovl_lookup_real(struct dentry *dir, ...@@ -411,9 +411,7 @@ static inline struct dentry *ovl_lookup_real(struct dentry *dir,
{ {
struct dentry *dentry; struct dentry *dentry;
inode_lock(dir->d_inode); dentry = lookup_hash(name, dir);
dentry = lookup_one_len(name->name, dir, name->len);
inode_unlock(dir->d_inode);
if (IS_ERR(dentry)) { if (IS_ERR(dentry)) {
if (PTR_ERR(dentry) == -ENOENT) if (PTR_ERR(dentry) == -ENOENT)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册