ovl: dilute permission checks on lower only if not special file

Right now if file is on lower/, we remove MAY_WRITE/MAY_APPEND bits from mask as lower/ will never be written and file will be copied up. But this is not true for special files. These files are not copied up and are opened in place. So don't dilute the checks for these types of files. Reported-by: Dan Walsh <[email protected]> Signed-off-by: Vivek Goyal <[email protected]> Signed-off-by: Miklos Szeredi <[email protected]>
akeromi · Jul 29, 2016 · e29841a · e29841a
1 parent d837a49
commit e29841a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
@@ -137,7 +137,7 @@ int ovl_permission(struct inode *inode, int mask)
 		return err;
 
 	old_cred = ovl_override_creds(inode->i_sb);
-	if (!is_upper)
+	if (!is_upper && !special_file(realinode->i_mode))
 		mask &= ~(MAY_WRITE | MAY_APPEND);
 	err = inode_permission(realinode, mask);
 	revert_creds(old_cred);