diff options
| author | Miklos Szeredi <mszeredi@redhat.com> | 2016-10-01 08:32:32 +0300 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@redhat.com> | 2016-10-01 08:32:32 +0300 |
| commit | 5e940c1dd3c1f7561924954eecee956ec277a79b (patch) | |
| tree | ab6e949c24c553e4e0b6d10782f4993c1cd436da /fs/fuse/dir.c | |
| parent | a09f99eddef44035ec764075a37bace8181bec38 (diff) | |
| download | linux-5e940c1dd3c1f7561924954eecee956ec277a79b.tar.xz | |
fuse: handle killpriv in userspace fs
Only userspace filesystem can do the killing of suid/sgid without races.
So introduce an INIT flag and negotiate support for this.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs/fuse/dir.c')
| -rw-r--r-- | fs/fuse/dir.c | 44 |
1 files changed, 27 insertions, 17 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index b7a690ed6a75..7cb68b18eb3f 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1703,6 +1703,7 @@ error: static int fuse_setattr(struct dentry *entry, struct iattr *attr) { struct inode *inode = d_inode(entry); + struct fuse_conn *fc = get_fuse_conn(inode); struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL; int ret; @@ -1710,27 +1711,36 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr) return -EACCES; if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) { - int kill; - attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_MODE); + /* - * ia_mode calculation may have used stale i_mode. Refresh and - * recalculate. + * The only sane way to reliably kill suid/sgid is to do it in + * the userspace filesystem + * + * This should be done on write(), truncate() and chown(). */ - ret = fuse_do_getattr(inode, NULL, file); - if (ret) - return ret; - - attr->ia_mode = inode->i_mode; - kill = should_remove_suid(entry); - if (kill & ATTR_KILL_SUID) { - attr->ia_valid |= ATTR_MODE; - attr->ia_mode &= ~S_ISUID; - } - if (kill & ATTR_KILL_SGID) { - attr->ia_valid |= ATTR_MODE; - attr->ia_mode &= ~S_ISGID; + if (!fc->handle_killpriv) { + int kill; + + /* + * ia_mode calculation may have used stale i_mode. + * Refresh and recalculate. + */ + ret = fuse_do_getattr(inode, NULL, file); + if (ret) + return ret; + + attr->ia_mode = inode->i_mode; + kill = should_remove_suid(entry); + if (kill & ATTR_KILL_SUID) { + attr->ia_valid |= ATTR_MODE; + attr->ia_mode &= ~S_ISUID; + } + if (kill & ATTR_KILL_SGID) { + attr->ia_valid |= ATTR_MODE; + attr->ia_mode &= ~S_ISGID; + } } } if (!attr->ia_valid) |