redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/fs/afs
History
David Howells e36bc9930d afs: Fix directory permissions check 
[ Upstream commit 378831e4da ]

Doing faccessat("/afs/some/directory", 0) triggers a BUG in the permissions
check code.

Fix this by just removing the BUG section.  If no permissions are asked
for, just return okay if the file exists.

Also:

 (1) Split up the directory check so that it has separate if-statements
     rather than if-else-if (e.g. checking for MAY_EXEC shouldn't skip the
     check for MAY_READ and MAY_WRITE).

 (2) Check for MAY_CHDIR as MAY_EXEC.

Without the main fix, the following BUG may occur:

 kernel BUG at fs/afs/security.c:386!
 invalid opcode: 0000 [#1] SMP PTI
 ...
 RIP: 0010:afs_permission+0x19d/0x1a0 [kafs]
 ...
 Call Trace:
  ? inode_permission+0xbe/0x180
  ? do_faccessat+0xdc/0x270
  ? do_syscall_64+0x60/0x1f0
  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe

Fixes: 00d3b7a453 ("[AFS]: Add security support.")
Reported-by: Jonathan Billings <jsbillings@jsbillings.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-07-08 15:30:51 +02:00
..
Kconfig fs/afs: remove depends on CONFIG_EXPERIMENTAL 2013-01-21 14:39:04 -08:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
afs.h afs: Support interacting with multiple user namespaces 2013-02-13 06:00:51 -08:00
afs_cm.h afs: support the CB.ProbeUuid RPC op 2008-04-29 08:06:26 -07:00
afs_fs.h AFS: implement file locking 2007-07-16 09:05:43 -07:00
afs_vl.h AFS: Fix silly characters in a comment 2011-07-20 20:48:03 -04:00
cache.c fscache: remove unused ->now_uncached callback 2017-09-06 17:27:26 -07:00
callback.c afs: Migrate vlocation fields to 64-bit 2017-03-16 16:27:46 +00:00
cell.c FS-Cache: Provide the ability to enable/disable cookies 2013-09-27 18:40:25 +01:00
cmservice.c afs: Connect up the CB.ProbeUuid 2017-12-14 09:53:15 +01:00
dir.c afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00
file.c afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00
flock.c fs/afs/flock: Remove deprecated create_singlethread_workqueue 2016-09-04 21:41:39 +01:00
fsclient.c afs: Populate and use client modification time 2017-03-16 16:27:47 +00:00
inode.c afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00
internal.h afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00
main.c uuid,afs: move struct uuid_v1 back into afs 2017-06-05 16:56:34 +02:00
misc.c rxrpc: Move the packet.h include file into net/rxrpc/ 2017-07-21 11:00:20 +01:00
mntpt.c afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00
netdevices.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
proc.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
rxrpc.c afs: Fix the non-encryption of calls 2018-06-21 04:02:59 +09:00
security.c afs: Fix directory permissions check 2018-07-08 15:30:51 +02:00
server.c afs: Migrate vlocation fields to 64-bit 2017-03-16 16:27:46 +00:00
super.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
vlclient.c afs: Kill afs_wait_mode 2017-01-09 11:10:02 +00:00
vlocation.c afs: Migrate vlocation fields to 64-bit 2017-03-16 16:27:46 +00:00
vnode.c afs: Kill afs_wait_mode 2017-01-09 11:10:02 +00:00
volume.c afs: Convert to separately allocated bdi 2017-04-20 12:09:55 -06:00
write.c afs: Fix missing error handling in afs_write_end() 2018-03-03 10:24:32 +01:00
xattr.c afs: Add metadata xattrs 2017-07-09 14:40:12 -07:00