diff options
| author | Christian Brauner <brauner@kernel.org> | 2022-10-17 17:06:34 +0200 |
|---|---|---|
| committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-10-18 10:09:43 +0200 |
| commit | 11c2a8700cdcabf9b639b7204a1e38e2a0b6798e (patch) | |
| tree | f98a38095132d6d55b9f718ad07d3a3824998bdd /fs/inode.c | |
| parent | 9abf2313adc1ca1b6180c508c25f22f9395cc780 (diff) | |
| download | linux-11c2a8700cdcabf9b639b7204a1e38e2a0b6798e.tar.gz linux-11c2a8700cdcabf9b639b7204a1e38e2a0b6798e.tar.bz2 linux-11c2a8700cdcabf9b639b7204a1e38e2a0b6798e.zip | |
attr: add in_group_or_capable()
In setattr_{copy,prepare}() we need to perform the same permission
checks to determine whether we need to drop the setgid bit or not.
Instead of open-coding it twice add a simple helper the encapsulates the
logic. We will reuse this helpers to make dropping the setgid bit during
write operations more consistent in a follow up patch.
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Diffstat (limited to 'fs/inode.c')
| -rw-r--r-- | fs/inode.c | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/fs/inode.c b/fs/inode.c index b608528efd3a..55299b710c45 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -2488,6 +2488,28 @@ struct timespec64 current_time(struct inode *inode) EXPORT_SYMBOL(current_time); /** + * in_group_or_capable - check whether caller is CAP_FSETID privileged + * @mnt_userns: user namespace of the mount @inode was found from + * @inode: inode to check + * @vfsgid: the new/current vfsgid of @inode + * + * Check wether @vfsgid is in the caller's group list or if the caller is + * privileged with CAP_FSETID over @inode. This can be used to determine + * whether the setgid bit can be kept or must be dropped. + * + * Return: true if the caller is sufficiently privileged, false if not. + */ +bool in_group_or_capable(struct user_namespace *mnt_userns, + const struct inode *inode, vfsgid_t vfsgid) +{ + if (vfsgid_in_group_p(vfsgid)) + return true; + if (capable_wrt_inode_uidgid(mnt_userns, inode, CAP_FSETID)) + return true; + return false; +} + +/** * mode_strip_sgid - handle the sgid bit for non-directories * @mnt_userns: User namespace of the mount the inode was created from * @dir: parent directory inode @@ -2508,11 +2530,9 @@ umode_t mode_strip_sgid(struct user_namespace *mnt_userns, return mode; if (S_ISDIR(mode) || !dir || !(dir->i_mode & S_ISGID)) return mode; - if (in_group_p(i_gid_into_mnt(mnt_userns, dir))) - return mode; - if (capable_wrt_inode_uidgid(mnt_userns, dir, CAP_FSETID)) + if (in_group_or_capable(mnt_userns, dir, + i_gid_into_vfsgid(mnt_userns, dir))) return mode; - return mode & ~S_ISGID; } EXPORT_SYMBOL(mode_strip_sgid); |