Commit 554677b9 authored by Miklos Szeredi's avatar Miklos Szeredi
Browse files

ovl: perform vfs_getxattr() with mounter creds 



The vfs_getxattr() in ovl_xattr_set() is used to check whether an xattr
exist on a lower layer file that is to be removed.  If the xattr does not
exist, then no need to copy up the file.

This call of vfs_getxattr() wasn't wrapped in credential override, and this
is probably okay.  But for consitency wrap this instance as well.

Reported-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
parent 9efb069d

fs/overlayfs/inode.c

+2 −0
Original line number Diff line number Diff line
@@ -352,7 +352,9 @@ int ovl_xattr_set(struct dentry *dentry, struct inode *inode, const char *name, 
		goto out;



	if (!value && !upperdentry) {

		old_cred = ovl_override_creds(dentry->d_sb);

		err = vfs_getxattr(realdentry, name, NULL, 0);

		revert_creds(old_cred);

		if (err < 0)

			goto out_drop_write;

	}