xfs
[Top] [All Lists]

Re: [PATCH 2/2] xfs: kill suid/sgid through the truncate path.

To: Dave Chinner <david@xxxxxxxxxxxxx>
Subject: Re: [PATCH 2/2] xfs: kill suid/sgid through the truncate path.
From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date: Fri, 24 May 2013 06:02:46 -0400
Cc: xfs@xxxxxxxxxxx, bpm@xxxxxxx
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <1369385888-17214-3-git-send-email-david@xxxxxxxxxxxxx>
References: <1369312240-5925-1-git-send-email-david@xxxxxxxxxxxxx> <1369385888-17214-1-git-send-email-david@xxxxxxxxxxxxx> <1369385888-17214-3-git-send-email-david@xxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
On Fri, May 24, 2013 at 06:58:08PM +1000, Dave Chinner wrote:
> From: Dave Chinner <dchinner@xxxxxxxxxx>
> 
> XFS has failed to kill suid/sgid bits correctly when truncating
> files of non-zero size since commit c4ed4243 ("xfs: split
> xfs_setattr") introduced in the 3.1 kernel. Fix it.

This should get a testcase in xfstests.

> +xfs_setattr_mode(
> +     struct inode    *inode,
> +     struct iattr    *iattr)
> +{
> +     struct xfs_inode *ip = XFS_I(inode);
> +     umode_t         mode = iattr->ia_mode;
> +
> +     if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID))
> +             mode &= ~S_ISGID;
> +
> +     ip->i_d.di_mode &= S_IFMT;
> +     ip->i_d.di_mode |= mode & ~S_IFMT;
> +
> +     inode->i_mode &= S_IFMT;
> +     inode->i_mode |= mode & ~S_IFMT;

This function should have assers that the xfs_inode is locked
exclusively and joined to a transaction.

<Prev in Thread] Current Thread [Next in Thread>