gentoo-overlay/sys-kernel/hardened-kernel/files/linux-5.4/9119_0119-xattr-allow-setti...

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Alan Cox <alan@linux.intel.com>
Date: Thu, 10 Mar 2016 15:11:28 +0000
Subject: [PATCH] xattr: allow setting user.* attributes on symlinks by owner

Kvmtool and clear containers supports using user attributes to label host
files with the virtual uid/guid of the file in the container. This allows an
end user to manage their files and a complete uid space without all the ugly
namespace stuff.

The one gap in the support is symlinks because an end user can change the
ownership of a symbolic link. We support attributes on these files as you
can already (as root) set security attributes on them.

The current rules seem slightly over-paranoid and as we have a use case this
patch enables updating the attributes on a symbolic link IFF you are the
owner of the synlink (as permissions are not usually meaningful on the link
itself).

Signed-off-by: Alan Cox <alan@linux.intel.com>
---
 fs/xattr.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/fs/xattr.c b/fs/xattr.c
index 90dd78f0eb27..a81d9690f136 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -119,15 +119,17 @@ xattr_permission(struct inode *inode, const char *name, int mask)
 	}
 
 	/*
-	 * In the user.* namespace, only regular files and directories can have
-	 * extended attributes. For sticky directories, only the owner and
-	 * privileged users can write attributes.
+	 * In the user.* namespace, only regular files, symbolic links, and
+	 * directories can have extended attributes. For symbolic links and
+	 * sticky directories, only the owner and privileged users can write
+	 * attributes.
 	 */
 	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
-		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
+		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) && !S_ISLNK(inode->i_mode))
 			return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
-		if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
-		    (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
+		if (((S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX))
+		        || S_ISLNK(inode->i_mode)) && (mask & MAY_WRITE)
+		        && !inode_owner_or_capable(inode))
 			return -EPERM;
 	}
 
-- 
https://clearlinux.org
sys-kernel/linux-hardened-sources: bump 5.4 version with Clear Linux patches 2020-03-29 09:31:47 +03:00			`From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001`
			`From: Alan Cox <alan@linux.intel.com>`
			`Date: Thu, 10 Mar 2016 15:11:28 +0000`
			`Subject: [PATCH] xattr: allow setting user.* attributes on symlinks by owner`

			`Kvmtool and clear containers supports using user attributes to label host`
			`files with the virtual uid/guid of the file in the container. This allows an`
			`end user to manage their files and a complete uid space without all the ugly`
			`namespace stuff.`

			`The one gap in the support is symlinks because an end user can change the`
			`ownership of a symbolic link. We support attributes on these files as you`
			`can already (as root) set security attributes on them.`

			`The current rules seem slightly over-paranoid and as we have a use case this`
			`patch enables updating the attributes on a symbolic link IFF you are the`
			`owner of the synlink (as permissions are not usually meaningful on the link`
			`itself).`

			`Signed-off-by: Alan Cox <alan@linux.intel.com>`
			`---`
			`fs/xattr.c \| 14 ++++++++------`
			`1 file changed, 8 insertions(+), 6 deletions(-)`

			`diff --git a/fs/xattr.c b/fs/xattr.c`
			`index 90dd78f0eb27..a81d9690f136 100644`
			`--- a/fs/xattr.c`
			`+++ b/fs/xattr.c`
			`@@ -119,15 +119,17 @@ xattr_permission(struct inode inode, const char name, int mask)`
			`}`

			`/*`
			`- * In the user.* namespace, only regular files and directories can have`
			`- * extended attributes. For sticky directories, only the owner and`
			`- * privileged users can write attributes.`
			`+ * In the user.* namespace, only regular files, symbolic links, and`
			`+ * directories can have extended attributes. For symbolic links and`
			`+ * sticky directories, only the owner and privileged users can write`
			`+ * attributes.`
			`*/`
			`if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {`
			`- if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))`
			`+ if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) && !S_ISLNK(inode->i_mode))`
			`return (mask & MAY_WRITE) ? -EPERM : -ENODATA;`
			`- if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&`
			`- (mask & MAY_WRITE) && !inode_owner_or_capable(inode))`
			`+ if (((S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX))`
			`+ \|\| S_ISLNK(inode->i_mode)) && (mask & MAY_WRITE)`
			`+ && !inode_owner_or_capable(inode))`
			`return -EPERM;`
			`}`

			`--`
			`https://clearlinux.org`