From b4d9defd2ddac236aabf66c71a33a8125fb9ba60 Mon Sep 17 00:00:00 2001
From: Mark Huang
Date: Tue, 23 Nov 2004 15:08:22 +0000
Subject: [PATCH] PL3131 fix: prevent vservers from escaping chroot() barriers
---
 fs/ext2/acl.c | 4 ++++
 fs/namei.c | 4 ++++
 fs/reiserfs/xattr.c | 4 ++++
 3 files changed, 12 insertions(+)
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 74acc7846..d232026b4 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -9,6 +9,7 @@
 #include
 #include
 #include
+#include
 #include "ext2.h"
 #include "xattr.h"
 #include "acl.h"
@@ -291,6 +292,9 @@ ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
 {
 int mode = inode->i_mode;
+ /* Prevent vservers from escaping chroot() barriers */
+ if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+ return -EACCES;
 /* Nobody gets write access to a read-only fs */
 if ((mask & MAY_WRITE) && (IS_RDONLY(inode) || (nd && MNT_IS_RDONLY(nd->mnt))) &&
diff --git a/fs/namei.c b/fs/namei.c
index 0929e9b34..656430d6b 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -165,6 +165,10 @@ int vfs_permission(struct inode * inode, int mask)
 {
 umode_t mode = inode->i_mode;
+ /* Prevent vservers from escaping chroot() barriers */
+ if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+ return -EACCES;
+
 if (mask & MAY_WRITE) {
 /*
 * Nobody gets write access to a read-only fs.
diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c
index f8babe603..a70801f35 100644
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -1338,6 +1338,10 @@ __reiserfs_permission (struct inode *inode, int mask, struct nameidata *nd,
 {
 umode_t mode = inode->i_mode;
+ /* Prevent vservers from escaping chroot() barriers */
+ if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+ return -EACCES;
+
 if (mask & MAY_WRITE) {
 /*
 * Nobody gets write access to a read-only fs.
--
2.47.0
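Review bot: The barrier test is pasted verbatim into ext2_permission here and again into vfs_permission and __reiserfs_permission in the later hunks, so enforcement depends on every filesystem-specific permission routine carrying its own copy. Any filesystem whose permission operation is not one of these three would, as far as this patch shows, still let a non-admin context through a barrier inode. Consider making the test once in the generic caller in fs/namei.c before it dispatches to the filesystem's permission operation, or at least factoring it into a single helper, e.g. `static inline int vx_barrier(struct inode *inode) { return IS_BARRIER(inode) && !vx_check(0, VX_ADMIN); }` (helper name proposed here, not taken from the patch). A shared helper also keeps the three copies from drifting apart if the admin test is later changed. ext2_permission's body continues outside the hunk.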
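Review bot: The comment added in vfs_permission names the goal but not the rule being applied: the test sits ahead of every mask check, so a barrier inode is refused for read, write and search alike unless `vx_check(0, VX_ADMIN)` succeeds. I would spell that out, e.g. `/* Barrier inodes deny all access, whatever the mask, to any context that fails vx_check(0, VX_ADMIN) */`, and state what the first argument `0` stands for, which cannot be read off this diff. The identical comment in the ext2 and reiserfs hunks would benefit from the same wording. vfs_permission's body continues outside the hunk.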