git.fsl.cs.sunysb.edu Git - unionfs-2.6.39.y.git/commit

author	Andy Lutomirski <luto@amacapital.net>
	Tue, 10 Jun 2014 19:45:42 +0000 (12:45 -0700)
committer	Jiri Slaby <jslaby@suse.cz>
	Fri, 20 Jun 2014 15:34:15 +0000 (17:34 +0200)
commit	2246a472bce19c0d373fb5488a0e612e3328ce0a
tree	e32ba1986319c382ab288f41ecf7eb242b5899f5	tree \| snapshot
parent	21af26cb47416f782c39b4055eb7de21476838a5	commit \| diff

fs,userns: Change inode_capable to capable_wrt_inode_uidgid

commit 23adbe12ef7d3d4195e80800ab36b37bee28cd03 upstream.

The kernel has no concept of capabilities with respect to inodes; inodes
exist independently of namespaces. For example, inode_capable(inode,
CAP_LINUX_IMMUTABLE) would be nonsense.

This patch changes inode_capable to check for uid and gid mappings and
renames it to capable_wrt_inode_uidgid, which should make it more
obvious what it does.

Fixes CVE-2014-4014.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Chinner <david@fromorbit.com>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>

fs/attr.c		diff \| blob \| history
fs/inode.c		diff \| blob \| history
fs/namei.c		diff \| blob \| history
fs/xfs/xfs_ioctl.c		diff \| blob \| history
include/linux/capability.h		diff \| blob \| history
kernel/capability.c		diff \| blob \| history