diff options
| author | Yang Xu <xuyang2018.jy@fujitsu.com> | 2023-03-07 10:59:16 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-03-17 08:49:00 +0100 |
| commit | 9c3a620bbf0c94ccd3b884ddd7724325b40605bd (patch) | |
| tree | 8f60c3e6429d095fe095a214b3fd8ade6198e47a /include/linux | |
| parent | 79821ab3284ac6830b9625de278a11a166281a97 (diff) | |
| download | linux-stable-9c3a620bbf0c94ccd3b884ddd7724325b40605bd.tar.gz linux-stable-9c3a620bbf0c94ccd3b884ddd7724325b40605bd.tar.bz2 linux-stable-9c3a620bbf0c94ccd3b884ddd7724325b40605bd.zip | |
fs: add mode_strip_sgid() helper
commit 2b3416ceff5e6bd4922f6d1c61fb68113dd82302 upsream.
Add a dedicated helper to handle the setgid bit when creating a new file
in a setgid directory. This is a preparatory patch for moving setgid
stripping into the vfs. The patch contains no functional changes.
Currently the setgid stripping logic is open-coded directly in
inode_init_owner() and the individual filesystems are responsible for
handling setgid inheritance. Since this has proven to be brittle as
evidenced by old issues we uncovered over the last months (see [1] to
[3] below) we will try to move this logic into the vfs.
Link: e014f37db1a2 ("xfs: use setattr_copy to set vfs inode attributes") [1]
Link: 01ea173e103e ("xfs: fix up non-directory creation in SGID directories") [2]
Link: fd84bfdddd16 ("ceph: fix up non-directory creation in SGID directories") [3]
Link: https://lore.kernel.org/r/1657779088-2242-1-git-send-email-xuyang2018.jy@fujitsu.com
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Reviewed-and-Tested-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Tested-by: Leah Rumancik <leah.rumancik@gmail.com>
Acked-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/fs.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index 1e1ac116dd13..be9be4a7216c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1941,6 +1941,8 @@ extern long compat_ptr_ioctl(struct file *file, unsigned int cmd, void inode_init_owner(struct user_namespace *mnt_userns, struct inode *inode, const struct inode *dir, umode_t mode); extern bool may_open_dev(const struct path *path); +umode_t mode_strip_sgid(struct user_namespace *mnt_userns, + const struct inode *dir, umode_t mode); /* * This is the "filldir" function type, used by readdir() to let |