Unverified Commit 23a8ce16 authored by Amir Goldstein's avatar Amir Goldstein Committed by Christian Brauner (Microsoft)
Browse files

ovl: remove privs in ovl_fallocate() 



Underlying fs doesn't remove privs because fallocate is called with
privileged mounter credentials.

This fixes some failure in fstests generic/683..687.

Fixes: aab8848c ("ovl: add ovl_fallocate()")
Acked-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
Signed-off-by: default avatarChristian Brauner (Microsoft) <brauner@kernel.org>
parent b306e90f

fs/overlayfs/file.c

+11 −1
Original line number Diff line number Diff line
@@ -517,9 +517,16 @@ static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len 
	const struct cred *old_cred;

	int ret;



	inode_lock(inode);

	/* Update mode */

	ovl_copyattr(inode);

	ret = file_remove_privs(file);

	if (ret)

		goto out_unlock;



	ret = ovl_real_fdget(file, &real);

	if (ret)

		return ret;

		goto out_unlock;



	old_cred = ovl_override_creds(file_inode(file)->i_sb);

	ret = vfs_fallocate(real.file, mode, offset, len);
@@ -530,6 +537,9 @@ static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len 


	fdput(real);



out_unlock:

	inode_unlock(inode);



	return ret;

}