diff options
Diffstat (limited to 'fs/overlayfs')
| -rw-r--r-- | fs/overlayfs/file.c | 4 | ||||
| -rw-r--r-- | fs/overlayfs/inode.c | 2 | ||||
| -rw-r--r-- | fs/overlayfs/util.c | 3 |
3 files changed, 3 insertions, 6 deletions
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c index f69d5740c3c4..7c04f033aadd 100644 --- a/fs/overlayfs/file.c +++ b/fs/overlayfs/file.c @@ -43,7 +43,6 @@ static struct file *ovl_open_realfile(const struct file *file, struct inode *realinode = d_inode(realpath->dentry); struct inode *inode = file_inode(file); struct mnt_idmap *real_idmap; - struct user_namespace *real_mnt_userns; struct file *realfile; const struct cred *old_cred; int flags = file->f_flags | OVL_OPEN_FLAGS; @@ -55,12 +54,11 @@ static struct file *ovl_open_realfile(const struct file *file, old_cred = ovl_override_creds(inode->i_sb); real_idmap = mnt_idmap(realpath->mnt); - real_mnt_userns = mnt_idmap_owner(real_idmap); err = inode_permission(real_idmap, realinode, MAY_OPEN | acc_mode); if (err) { realfile = ERR_PTR(err); } else { - if (!inode_owner_or_capable(real_mnt_userns, realinode)) + if (!inode_owner_or_capable(real_idmap, realinode)) flags &= ~O_NOATIME; realfile = open_with_fake_path(&file->f_path, flags, realinode, diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index d906cf073fba..3ba3110243d1 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -667,7 +667,7 @@ int ovl_set_acl(struct mnt_idmap *idmap, struct dentry *dentry, return -EOPNOTSUPP; if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) return acl ? -EACCES : 0; - if (!inode_owner_or_capable(&init_user_ns, inode)) + if (!inode_owner_or_capable(&nop_mnt_idmap, inode)) return -EPERM; /* diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index 48a3c3fee1b6..1166f7b22bc7 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -492,7 +492,6 @@ struct file *ovl_path_open(const struct path *path, int flags) { struct inode *inode = d_inode(path->dentry); struct mnt_idmap *real_idmap = mnt_idmap(path->mnt); - struct user_namespace *real_mnt_userns = mnt_idmap_owner(real_idmap); int err, acc_mode; if (flags & ~(O_ACCMODE | O_LARGEFILE)) @@ -514,7 +513,7 @@ struct file *ovl_path_open(const struct path *path, int flags) return ERR_PTR(err); /* O_NOATIME is an optimization, don't fail if not permitted */ - if (inode_owner_or_capable(real_mnt_userns, inode)) + if (inode_owner_or_capable(real_idmap, inode)) flags |= O_NOATIME; return dentry_open(path, flags, current_cred()); |