ovl: check mounter creds on underlying lookup

The hash salting changes meant that we can no longer reuse the hash in the
overlay dentry to look up the underlying dentry.

Instead of lookup_hash(), use lookup_one_len_unlocked() and swith to
mounter's creds (like we do for all other operations later in the series).

Now the lookup_hash() export introduced in 4.6 by 3c9fe8cdff1b ("vfs: add
lookup_hash() helper") is unused and can possibly be removed; its
usefulness negated by the hash salting and the idea that mounter's creds
should be used on operations on underlying filesystems.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: 8387ff2577eb ("vfs: make the string hashes salt the hash")

diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 5e254b3a8c5601256d8960ed66a304081210cce1..cbfa0398f9dabf22ae47697da33e7f0328d29c6c 100644 (file)
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -423,12 +423,16 @@ static bool ovl_dentry_weird(struct dentry *dentry)
                                  DCACHE_OP_COMPARE);
 }
 
-static inline struct dentry *ovl_lookup_real(struct dentry *dir,
+static inline struct dentry *ovl_lookup_real(struct super_block *ovl_sb,
+                                            struct dentry *dir,
                                             struct qstr *name)
 {
+       const struct cred *old_cred;
        struct dentry *dentry;
 
-       dentry = lookup_hash(name, dir);
+       old_cred = ovl_override_creds(ovl_sb);
+       dentry = lookup_one_len_unlocked(name->name, dir, name->len);
+       revert_creds(old_cred);
 
        if (IS_ERR(dentry)) {
                if (PTR_ERR(dentry) == -ENOENT)
@@ -481,7 +485,7 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
 
        upperdir = ovl_upperdentry_dereference(poe);
        if (upperdir) {
-               this = ovl_lookup_real(upperdir, &dentry->d_name);
+               this = ovl_lookup_real(dentry->d_sb, upperdir, &dentry->d_name);
                err = PTR_ERR(this);
                if (IS_ERR(this))
                        goto out;
@@ -514,7 +518,8 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
                bool opaque = false;
                struct path lowerpath = poe->lowerstack[i];
 
-               this = ovl_lookup_real(lowerpath.dentry, &dentry->d_name);
+               this = ovl_lookup_real(dentry->d_sb,
+                                      lowerpath.dentry, &dentry->d_name);
                err = PTR_ERR(this);
                if (IS_ERR(this)) {
                        /*