UBUNTU: SAUCE: (namespace) mtd: Check permissions towards mtd block device inode...

Unprivileged users should not be able to mount mtd block devices
when they lack sufficient privileges towards the block device
inode.  Update mount_mtd() to validate that the user has the
required access to the inode at the specified path. The check
will be skipped for CAP_SYS_ADMIN, so privileged mounts will
continue working as before.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

diff --git a/drivers/mtd/mtdsuper.c b/drivers/mtd/mtdsuper.c
index b5b60e1af31ce96ba94bd5247688444ca0b1d214..5d7e7705fed813e697ea1ae121569996c9d58321 100644 (file)
--- a/drivers/mtd/mtdsuper.c
+++ b/drivers/mtd/mtdsuper.c
@@ -125,6 +125,7 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags,
 #ifdef CONFIG_BLOCK
        struct block_device *bdev;
        int ret, major;
+       int perm;
 #endif
        int mtdnr;
 
@@ -176,7 +177,10 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags,
        /* try the old way - the hack where we allowed users to mount
         * /dev/mtdblock$(n) but didn't actually _use_ the blockdev
         */
-       bdev = lookup_bdev(dev_name, 0);
+       perm = MAY_READ;
+       if (!(flags & MS_RDONLY))
+               perm |= MAY_WRITE;
+       bdev = lookup_bdev(dev_name, perm);
        if (IS_ERR(bdev)) {
                ret = PTR_ERR(bdev);
                pr_debug("MTDSB: lookup_bdev() returned %d\n", ret);