From 5fb536e6f05f64ec51735a68c1aad74b85857b34 Mon Sep 17 00:00:00 2001
From: Thadeu Lima de Souza Cascardo
Date: Thu, 6 Jul 2023 17:45:14 -0300
Subject: [PATCH] Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in ovl_do_(set|remove)xattr"
This reverts commit 520b4713f66b758048d921b73b2c9250d4c2a474.
This is needed in order to revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs".
CVE-2023-2640 CVE-2023-32629
Signed-off-by: Thadeu Lima de Souza Cascardo
Acked-by: Stefan Bader
Acked-by: Roxana Nicolescu
Acked-by: Andrei Gherzan
Signed-off-by: Roxana Nicolescu
---
 fs/overlayfs/overlayfs.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h
index 3a85be75d64af..e523d600da4e8 100644
--- a/fs/overlayfs/overlayfs.h
+++ b/fs/overlayfs/overlayfs.h
@@ -255,7 +255,7 @@ static inline int ovl_do_setxattr(struct ovl_fs *ofs, struct dentry *dentry,
 int err;
 inode_lock(inode);
- err = __vfs_setxattr_noperm(ovl_upper_mnt_userns(ofs), dentry, name, value, size, flags);
+ err = __vfs_setxattr_noperm(&init_user_ns, dentry, name, value, size, flags);
 inode_unlock(inode);
 pr_debug("setxattr(%pd2, \"%s\", \"%*pE\", %zu, %d) = %i\n",
@@ -277,7 +277,7 @@ static inline int ovl_do_removexattr(struct ovl_fs *ofs, struct dentry *dentry,
 int err;
 inode_lock(inode);
- err = __vfs_removexattr_noperm(ovl_upper_mnt_userns(ofs), dentry, name);
+ err = __vfs_removexattr_noperm(&init_user_ns, dentry, name);
 inode_unlock(inode);
 pr_debug("removexattr(%pd2, \"%s\") = %i\n", dentry, name, err);
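Review bot: The restored call in ovl_do_setxattr is still `__vfs_setxattr_noperm(&init_user_ns, ...)`, a variant that leaves permission checking to the caller, so after this patch the helper performs no check of its own on the upper inode; the same holds for `__vfs_removexattr_noperm` in the ovl_do_removexattr hunk. Going by the commit message, this revert is only a prerequisite for reverting the trusted.overlayfs.* permission-skip patch, so it should not be backported or treated as the fix for CVE-2023-2640 / CVE-2023-32629 on its own. Hard-coding `&init_user_ns` also stops honouring the upper mount's idmapping, which presumably changes behaviour for overlays on an idmapped upper layer until the series is complete. I would add a comment above both calls such as `/* _noperm: no permission check here; interim state until the permission-skip patch is reverted */`. Both function bodies start and end outside the hunks, so whether the callers check permissions cannot be confirmed from this page.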