Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-22 04:02:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
525bd65aa7
linux/fs/fuse
History
Eric Sandeen 525bd65aa7
fuse: verify {g,u}id mount options correctly 
As was done in
0200679fc7 ("tmpfs: verify {g,u}id mount options correctly")
we need to validate that the requested uid and/or gid is representable in
the filesystem's idmapping.

Cribbing from the above commit log,

The contract for {g,u}id mount options and {g,u}id values in general set
from userspace has always been that they are translated according to the
caller's idmapping. In so far, fuse has been doing the correct thing.
But since fuse is mountable in unprivileged contexts it is also
necessary to verify that the resulting {k,g}uid is representable in the
namespace of the superblock.

Fixes: c30da2e981 ("fuse: convert to use the new mount API")
Cc: stable@vger.kernel.org # 5.4+
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Link: https://lore.kernel.org/r/8f07d45d-c806-484d-a2e3-7a2199df1cd2@redhat.com
Reviewed-by: Christian Brauner <brauner@kernel.org>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
2024-07-03 16:55:11 +02:00
..
acl.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
control.c fuse: remove unneeded lock which protecting update of congestion_threshold 2024-03-06 11:07:51 +01:00
cuse.c cuse: add kernel-doc comments to cuse_process_init_reply() 2024-04-15 11:02:10 +02:00
dax.c fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() 2023-12-04 10:16:53 +01:00
dev.c fuse: clear FR_SENT when re-adding requests into pending list 2024-05-10 11:10:39 +02:00
dir.c fuse: fix leaked ENOSYS error on first statx call 2024-04-15 10:12:44 +02:00
file.c fuse: Convert fuse_readpages_end() to use folio_end_read() 2024-05-08 09:31:21 +02:00
fuse_i.h fuse: fix wrong ff->iomode state changes from parallel dio write 2024-04-15 10:12:03 +02:00
inode.c fuse: verify {g,u}id mount options correctly 2024-07-03 16:55:11 +02:00
ioctl.c fuse: Add initial support for fs-verity 2024-05-08 09:31:21 +02:00
iomode.c fuse: fix parallel dio write on file open in passthrough mode 2024-04-15 10:12:44 +02:00
Kconfig fuse: introduce FUSE_PASSTHROUGH capability 2024-02-23 17:36:32 +01:00
Makefile fuse: introduce FUSE_PASSTHROUGH capability 2024-02-23 17:36:32 +01:00
passthrough.c fuse: verify zero padding in fuse_backing_map 2024-04-22 17:13:43 +02:00
readdir.c fuse: get rid of ff->readdir.lock 2024-03-06 16:20:58 +01:00
virtio_fs.c virtio: features, fixes, cleanups 2024-05-23 12:04:36 -07:00
xattr.c fuse: move fuse_xattr_handlers to .rodata 2023-10-09 16:24:18 +02:00