[Top] [All Lists]

[PATCH 0/5 v2 RESEND] fs: Fixes for removing xid bits and security label

To: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Subject: [PATCH 0/5 v2 RESEND] fs: Fixes for removing xid bits and security labels
From: Jan Kara <jack@xxxxxxx>
Date: Tue, 3 Mar 2015 11:38:34 +0100
Cc: linux-fsdevel@xxxxxxxxxxxxxxx, xfs@xxxxxxxxxxx, Jan Kara <jack@xxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx

  warning in XFS made me look into detail into how clearing of suid / sgid
bits and security labels is done. And I've spotted a few issues:
1) MS_NOSEC handling is broken - we set it after each file_remove_suid() call.
   However we needn't have removed suid bit simply because we have
   CAP_SYS_FSID and further writes to the file from processes without this
   capability still need to clear the suid bit.
2) file_remove_suid() is a misnomer since it also handles removing of
   security labels. It is even more confusing because should_remove_suid()
   doesn't return whether file_remove_suid() is needed or not.
3) On truncate we do clear suid bits but not security labels. According to
   documentation in include/linux/security.h that's a bug but please correct
   me if I'm wrong.
4) ocfs2 doesn't clear security labels - hard to fix, I left it alone for now.
5) XFS didn't provide proper exclusion for clearing mode bits.

  This series aims at fixing above issues.

  Since v1 I have removed bogus patch changing inode_set_flags(), I have
updated changelog of patch 4/5 to better explain why ->inode_killpriv should
be called and I have included a fix for MS_NOSEC handling in this series.
Al, can you please merge the patches? Thanks!


<Prev in Thread] Current Thread [Next in Thread>