git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Yang Xu <xuyang2018.jy@fujitsu.com>
	Sat, 18 Mar 2023 10:15:22 +0000 (12:15 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 22 Mar 2023 12:30:07 +0000 (13:30 +0100)
commit	347750e1b69cef62966fbc5bd7dc579b4c00688a
tree	357446bee575a6e6280c14d784b84e4e3448c1ca	tree \| snapshot
parent	f60b68c46444e4e9321a4313efd5ea0eddd77fb7	commit \| diff

fs: add mode_strip_sgid() helper

commit 2b3416ceff5e6bd4922f6d1c61fb68113dd82302 upstream.

[remove userns argument of helper for 5.10.y backport]

Add a dedicated helper to handle the setgid bit when creating a new file
in a setgid directory. This is a preparatory patch for moving setgid
stripping into the vfs. The patch contains no functional changes.

Currently the setgid stripping logic is open-coded directly in
inode_init_owner() and the individual filesystems are responsible for
handling setgid inheritance. Since this has proven to be brittle as
evidenced by old issues we uncovered over the last months (see [1] to
[3] below) we will try to move this logic into the vfs.

Link: e014f37db1a2 ("xfs: use setattr_copy to set vfs inode attributes") [1]
Link: 01ea173e103e ("xfs: fix up non-directory creation in SGID directories") [2]
Link: fd84bfdddd16 ("ceph: fix up non-directory creation in SGID directories") [3]
Link: https://lore.kernel.org/r/1657779088-2242-1-git-send-email-xuyang2018.jy@fujitsu.com
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Reviewed-and-Tested-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/inode.c		diff \| blob \| blame \| history
include/linux/fs.h		diff \| blob \| blame \| history