ANDROID: overlayfs: inode_owner_or_capable called during execv

Using old_creds as an indication that we are not overriding the credentials, bypass call to inode_owner_or_capable. This solves a problem with all execv calls being blocked when using the caller's credentials. Bug: 204981027 Link: https://lore.kernel.org/lkml/20201021151903.652827-5-salyzyn@android.com/ Signed-off-by: David Anderson <dvander@google.com> Signed-off-by: Mark Salyzyn <salyzyn@android.com> Change-Id: I6b196483f7a3fa431f4f174c6671c2118e0088dd
author: David Anderson <dvander@google.com> 2021-11-03 22:41:40 -0700
committer: Amit Pundir <amit.pundir@linaro.org> 2023-07-11 11:33:54 +0530
commit: 267ad77210664e709641bf4bdc160aba72321c6a (patch)
tree: 4eeb923c4b7487b9ed11026027e123565d329275
parent: 437207441f260be5607fa0b8651db3310b4aaecc (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 6a92e8ac686a..c3234aac1019 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -58,7 +58,7 @@ static struct file *ovl_open_realfile(const struct file *file,
 	if (err) {
 		realfile = ERR_PTR(err);
 	} else {
-		if (!inode_owner_or_capable(real_idmap, realinode))
+		if (old_cred && !inode_owner_or_capable(real_idmap, realinode))
 			flags &= ~O_NOATIME;
 
 		realfile = backing_file_open(&file->f_path, flags, realpath,
author	David Anderson <dvander@google.com>	2021-11-03 22:41:40 -0700
committer	Amit Pundir <amit.pundir@linaro.org>	2023-07-11 11:33:54 +0530
commit	267ad77210664e709641bf4bdc160aba72321c6a (patch)
tree	4eeb923c4b7487b9ed11026027e123565d329275
parent	437207441f260be5607fa0b8651db3310b4aaecc (diff)