xfs
[Top] [All Lists]

[PATCH 0/5] fs: Fixes for removing xid bits and security labels

To: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Subject: [PATCH 0/5] fs: Fixes for removing xid bits and security labels
From: Jan Kara <jack@xxxxxxx>
Date: Thu, 4 Dec 2014 14:27:34 +0100
Cc: linux-fsdevel@xxxxxxxxxxxxxxx, xfs@xxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, Jan Kara <jack@xxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
  Hello,

  warning in XFS made me look into detail into how clearing of suid / sgid
bits and security labels is done. And I've spotted a few issues:
1) file_remove_suid() is a misnomer since it also handles removing of
   security labels. It is even more confusing because should_remove_suid()
   doesn't return whether file_remove_suid() is needed or not.
2) on truncate we do clear suid bits but not security labels. I think that's
   a bug but please correct me if I'm wrong.
3) ocfs2 doesn't clear security labels - hard to fix, I left it alone for now.
4) XFS didn't provide proper exclusion for clearing mode bits.

  This series aims at fixing above issues. The second patch in the series
is unrelated fix to inode_set_mask() which I spotted when playing with the
code.

                                                                Honza

<Prev in Thread] Current Thread [Next in Thread>