Christian Brauner fd84bfdddd ceph: fix up non-directory creation in SGID directories ... Ceph always inherits the SGID bit if it is set on the parent inode, while the generic inode_init_owner does not do this in a few cases where it can create a possible security problem (cf. [1]). Update ceph to strip the SGID bit just as inode_init_owner would. This bug was detected by the mapped mount testsuite in [3]. The testsuite tests all core VFS functionality and semantics with and without mapped mounts. That is to say it functions as a generic VFS testsuite in addition to a mapped mount testsuite. While working on mapped mount support for ceph, SIGD inheritance was the only failing test for ceph after the port. The same bug was detected by the mapped mount testsuite in XFS in January 2021 (cf. [2]). [1]: commit 0fa3ecd878 ("Fix up non-directory creation in SGID directories") [2]: commit 01ea173e10 ("xfs: fix up non-directory creation in SGID directories") [3]: https://git.kernel.org/fs/xfs/xfstests-dev.git Cc: stable@vger.kernel.org Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Ilya Dryomov <idryomov@gmail.com>		2021-12-01 17:08:27 +01:00
..
acl.c	vfs: add rcu argument to ->get_acl() callback	2021-08-18 22:08:24 +02:00
addr.c	One notable change here is that async creates and unlinks introduced	2021-11-13 11:31:07 -08:00
cache.c	ceph: just use ci->i_version for fscache aux info	2021-11-08 03:29:51 +01:00
cache.h	ceph: remove some defunct forward declarations	2021-09-02 22:49:16 +02:00
caps.c	ceph: fix duplicate increment of opened_inodes metric	2021-12-01 17:08:26 +01:00
ceph_frag.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
debugfs.c	ceph: add a new metric to keep track of remote object copies	2021-11-08 03:29:52 +01:00
dir.c	ceph: take reference to req->r_parent at point of assignment	2021-06-29 00:15:52 +02:00
export.c	ceph: shut down access to inode when async create fails	2021-11-08 03:29:51 +01:00
file.c	ceph: fix up non-directory creation in SGID directories	2021-12-01 17:08:27 +01:00
inode.c	ceph: ignore the truncate when size won't change with Fx caps issued	2021-11-08 03:29:52 +01:00
io.c	ceph: fix kerneldoc copypasta over ceph_start_io_direct	2021-04-27 23:52:23 +02:00
io.h	ceph: add buffered/direct exclusionary locking for reads and writes	2019-09-16 12:06:25 +02:00
ioctl.c	ceph: consider inode's last read/write when calculating wanted caps	2020-03-30 12:42:42 +02:00
ioctl.h	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
Kconfig	ceph: convert ceph_readpage to netfs_readpage	2021-04-27 23:52:22 +02:00
locks.c	One notable change here is that async creates and unlinks introduced	2021-11-13 11:31:07 -08:00
Makefile	ceph: add dentry lease metric support	2020-06-01 13:22:51 +02:00
mds_client.c	ceph: initialize pathlen variable in reconnect_caps_cb	2021-12-01 17:08:26 +01:00
mds_client.h	ceph: flush mdlog before umounting	2021-09-02 22:49:16 +02:00
mdsmap.c	ceph: fix mdsmap decode when there are MDS's beyond max_mds	2021-11-08 03:29:52 +01:00
metric.c	ceph: clean-up metrics data structures to reduce code duplication	2021-11-08 03:29:52 +01:00
metric.h	ceph: add a new metric to keep track of remote object copies	2021-11-08 03:29:52 +01:00
quota.c	ceph: eliminate ceph_async_iput()	2021-06-29 00:15:52 +02:00
snap.c	ceph: add ceph_change_snap_realm() helper	2021-09-02 22:49:17 +02:00
strings.c	ceph: flush mdlog before umounting	2021-09-02 22:49:16 +02:00
super.c	ceph: properly handle statfs on multifs setups	2021-11-08 03:29:52 +01:00
super.h	ceph: split 'metric' debugfs file into several files	2021-11-08 03:29:52 +01:00
util.c	ceph: move net/ceph/ceph_fs.c to fs/ceph/util.c	2020-01-27 16:53:40 +01:00
xattr.c	security: Return xattr name from security_dentry_init_security()	2021-10-20 08:17:08 -04:00