diff options
author | Paul Lawrence <paullawrence@google.com> | 2021-01-08 13:00:43 -0800 |
---|---|---|
committer | Paul Lawrence <paullawrence@google.com> | 2021-01-12 22:18:17 +0000 |
commit | a31de8b2a54aaf711478c465c2808b723cd1f1fc (patch) | |
tree | 3240dad2cf4a86421d6facd3a909b680c4c48c14 | |
parent | 3f7bd17fcca351c8ba05ad5b4af271b1913147ef (diff) |
ANDROID: Incremental fs: Fix selinux issues
Bug: 177075428
Test: incfs_test passes
atest GtsIncrementalInstallTestCases has only 8 failures
Signed-off-by: Paul Lawrence <paullawrence@google.com>
Change-Id: I73accfc1982aec1cd7947996c25a23e4a97cfdac
-rw-r--r-- | fs/incfs/data_mgmt.c | 7 | ||||
-rw-r--r-- | fs/incfs/pseudo_files.c | 7 | ||||
-rw-r--r-- | fs/incfs/vfs.c | 16 |
3 files changed, 21 insertions, 9 deletions
diff --git a/fs/incfs/data_mgmt.c b/fs/incfs/data_mgmt.c index df3b24b2d428..744643eaa21d 100644 --- a/fs/incfs/data_mgmt.c +++ b/fs/incfs/data_mgmt.c @@ -190,6 +190,7 @@ static struct data_file *handle_mapped_file(struct mount_info *mi, struct path path; struct file *bf; struct data_file *result = NULL; + const struct cred *old_cred; file_id_str = file_id_to_str(df->df_id); if (!file_id_str) @@ -212,7 +213,11 @@ static struct data_file *handle_mapped_file(struct mount_info *mi, .dentry = index_file_dentry }; - bf = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE, mi->mi_owner); + old_cred = override_creds(mi->mi_owner); + bf = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE, + current_cred()); + revert_creds(old_cred); + if (IS_ERR(bf)) { result = (struct data_file *)bf; goto out; diff --git a/fs/incfs/pseudo_files.c b/fs/incfs/pseudo_files.c index e9e46ee9a17d..356f9bd77f4e 100644 --- a/fs/incfs/pseudo_files.c +++ b/fs/incfs/pseudo_files.c @@ -241,7 +241,7 @@ static int dir_relative_path_resolve( if (dir_fd < 0) return dir_fd; - dir_f = dentry_open(base_path, O_RDONLY | O_NOATIME, mi->mi_owner); + dir_f = dentry_open(base_path, O_RDONLY | O_NOATIME, current_cred()); if (IS_ERR(dir_f)) { error = PTR_ERR(dir_f); @@ -309,8 +309,9 @@ static int init_new_file(struct mount_info *mi, struct dentry *dentry, .mnt = mi->mi_backing_dir_path.mnt, .dentry = dentry }; + new_file = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE, - mi->mi_owner); + current_cred()); if (IS_ERR(new_file)) { error = PTR_ERR(new_file); @@ -629,7 +630,7 @@ static int init_new_mapped_file(struct mount_info *mi, struct dentry *dentry, .dentry = dentry }; new_file = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE, - mi->mi_owner); + current_cred()); if (IS_ERR(new_file)) { error = PTR_ERR(new_file); diff --git a/fs/incfs/vfs.c b/fs/incfs/vfs.c index 4208831198ad..8bcf2f25d2a3 100644 --- a/fs/incfs/vfs.c +++ b/fs/incfs/vfs.c @@ -547,16 +547,18 @@ static int incfs_rmdir(struct dentry *dentry) static void maybe_delete_incomplete_file(struct data_file *df) { - char *file_id_str; - struct dentry *incomplete_file_dentry; + struct mount_info *mi = df->df_mount_info; + char *file_id_str = NULL; + struct dentry *incomplete_file_dentry = NULL; + const struct cred *old_cred = override_creds(mi->mi_owner); if (atomic_read(&df->df_data_blocks_written) < df->df_data_block_count) - return; + goto out; /* This is best effort - there is no useful action to take on failure */ file_id_str = file_id_to_str(df->df_id); if (!file_id_str) - return; + goto out; incomplete_file_dentry = incfs_lookup_dentry( df->df_mount_info->mi_incomplete_dir, @@ -575,6 +577,7 @@ static void maybe_delete_incomplete_file(struct data_file *df) out: dput(incomplete_file_dentry); kfree(file_id_str); + revert_creds(old_cred); } static long ioctl_fill_blocks(struct file *f, void __user *arg) @@ -1229,6 +1232,7 @@ static int file_open(struct inode *inode, struct file *file) int err = 0; int flags = O_NOATIME | O_LARGEFILE | (S_ISDIR(inode->i_mode) ? O_RDONLY : O_RDWR); + const struct cred *old_cred; WARN_ON(file->private_data); @@ -1239,7 +1243,9 @@ static int file_open(struct inode *inode, struct file *file) if (!backing_path.dentry) return -EBADF; - backing_file = dentry_open(&backing_path, flags, mi->mi_owner); + old_cred = override_creds(mi->mi_owner); + backing_file = dentry_open(&backing_path, flags, current_cred()); + revert_creds(old_cred); path_put(&backing_path); if (IS_ERR(backing_file)) { |