bug: truncate to zero + setuid

To: xfs@xxxxxxxxxxx
Subject: bug: truncate to zero + setuid
From: Roger Willcocks <roger@xxxxxxxxxxxxxxxx>
Date: Sun, 28 Oct 2007 14:36:42 +0000
Sender: xfs-bounce@xxxxxxxxxxx
User-agent: Thunderbird 1.5.0.5 (X11/20060728)
The nfsv3 setattr call permits a simultaneous truncate + setuid/gid operation. Normally XFS handles this fine, but if the file's being truncated to zero, and the file's already empty, XFS simply ignores the setuid/gid part, returning 'success'.

The error's in xfs_vnodeops.c/xfs_setattr below the comment 'Short circuit the truncate case for zero length files', which bypasses all other changes.

The simplest fix is to test whether this is the only change that's happening, otherwise you get tangled in transactions.

       if (mask & XFS_AT_SIZE) {
               /* Short circuit the truncate case for zero length files */
-               if ((vap->va_size == 0) &&
+               if (((mask & ~XFS_AT_SIZE) == 0) && (vap->va_size == 0) &&
                  (ip->i_d.di_size == 0) && (ip->i_d.di_nextents == 0)) {
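
Review bot: The comment above the changed condition still reads 'Short circuit the truncate case for zero length files', but with `(mask & ~XFS_AT_SIZE) == 0` added on the `+` line the short circuit now applies only when size is the sole attribute in `mask`; update the comment to say so, because the reason (other attribute changes such as uid/gid must not be skipped) is not obvious from the code alone. The hunk does not show the path taken when the file is already empty with no extents and other mask bits are set, so it is worth confirming that a zero-to-zero truncate through the full path is harmless there. The patch also carries no file header or `@@` line, so it cannot be applied as posted.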


-- Roger

