linux-stable.git - Linux kernel stable tree

diff options

author	Mickaël Salaün <mic@digikod.net>	2022-09-29 12:04:47 +0200
committer	Steve French <stfrench@microsoft.com>	2022-10-05 01:15:44 -0500
commit	7c88c1e0ab1704bacb751341ee6431c3be34b834 (patch)
tree	3e6b5c180680a4148de026106502dd32fdaba9dc /fs/ksmbd/vfs.h
parent	5876e99611a91dfb2fb1f7af9d1ae5c017c8331c (diff)
download	linux-stable-7c88c1e0ab1704bacb751341ee6431c3be34b834.tar.gz linux-stable-7c88c1e0ab1704bacb751341ee6431c3be34b834.tar.bz2 linux-stable-7c88c1e0ab1704bacb751341ee6431c3be34b834.zip

ksmbd: Fix user namespace mapping

A kernel daemon should not rely on the current thread, which is unknown and might be malicious. Before this security fix, ksmbd_override_fsids() didn't correctly override FS UID/GID which means that arbitrary user space threads could trick the kernel to impersonate arbitrary users or groups for file system access checks, leading to file system access bypass. This was found while investigating truncate support for Landlock: https://lore.kernel.org/r/CAKYAXd8fpMJ7guizOjHgxEyyjoUwPsx3jLOPZP=wPYcbhkVXqA@mail.gmail.com Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3") Cc: Hyunchul Lee <hyc.lee@gmail.com> Cc: Steve French <smfrench@gmail.com> Cc: stable@vger.kernel.org Signed-off-by: Mickaël Salaün <mic@digikod.net> Link: https://lore.kernel.org/r/20220929100447.108468-1-mic@digikod.net Acked-by: Christian Brauner (Microsoft) <brauner@kernel.org> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>

Diffstat (limited to 'fs/ksmbd/vfs.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: