linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-30 22:26:55 +00:00

History

Christian Brauner ce59b7c1b0 nfsd: use vfs setgid helper commit `2d8ae8c417` upstream. We've aligned setgid behavior over multiple kernel releases. The details can be found in commit `cf619f8919` ("Merge tag 'fs.ovl.setgid.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping") and commit `426b4ca2d6` ("Merge tag 'fs.setgid.v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux"). Consistent setgid stripping behavior is now encapsulated in the setattr_should_drop_sgid() helper which is used by all filesystems that strip setgid bits outside of vfs proper. Usually ATTR_KILL_SGID is raised in e.g., chown_common() and is subject to the setattr_should_drop_sgid() check to determine whether the setgid bit can be retained. Since nfsd is raising ATTR_KILL_SGID unconditionally it will cause notify_change() to strip it even if the caller had the necessary privileges to retain it. Ensure that nfsd only raises ATR_KILL_SGID if the caller lacks the necessary privileges to retain the setgid bit. Without this patch the setgid stripping tests in LTP will fail: > As you can see, the problem is S_ISGID (0002000) was dropped on a > non-group-executable file while chown was invoked by super-user, while [...] > fchown02.c:66: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700 [...] > chown02.c:57: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700 With this patch all tests pass. Reported-by: Sherry Yang <sherry.yang@oracle.com> Signed-off-by: Christian Brauner <brauner@kernel.org> Reviewed-by: Jeff Layton <jlayton@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> [Harshit: backport to 6.1.y: Use init_user_ns instead of nop_mnt_idmap as we don't have commit `abf08576af` ("fs: port vfs_*() helpers to struct mnt_idmap")] Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-08-30 16:11:10 +02:00
..
acl.h
auth.c
auth.h
blocklayout.c	nfsd: call op_release, even when op_func returns an error	2023-04-13 16:55:21 +02:00
blocklayoutxdr.c
blocklayoutxdr.h
cache.h
current_stateid.h
export.c
export.h
fault_inject.c
filecache.c	nfsd: don't fsync nfsd_files on last close	2023-03-10 09:33:25 +01:00
filecache.h	nfsd: fix handling of cached open files in nfsd4_open codepath	2023-01-18 11:58:26 +01:00
flexfilelayout.c
flexfilelayoutxdr.c
flexfilelayoutxdr.h
idmap.h
Kconfig
lockd.c
Makefile
netns.h
nfs2acl.c	NFSD: Finish converting the NFSv2 GETACL result encoder	2022-12-31 13:31:58 +01:00
nfs3acl.c	NFSD: Finish converting the NFSv3 GETACL result encoder	2022-12-31 13:31:58 +01:00
nfs3proc.c	NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection	2023-01-18 11:58:25 +01:00
nfs3xdr.c
nfs4acl.c
nfs4callback.c	NFSD: callback request does not use correct credential for AUTH_SYS	2023-04-13 16:55:23 +02:00
nfs4idmap.c
nfs4layouts.c	nfsd: fix race to check ls_layouts	2023-03-10 09:33:24 +01:00
nfs4proc.c	nfsd: zero out pointers after putting nfsd_files on COPY setup error	2023-03-10 09:34:01 +01:00
nfs4recover.c
nfs4state.c	nfsd: Fix race to FREE_STATEID and cl_revoked	2023-08-30 16:11:07 +02:00
nfs4xdr.c	NFSD: add encoding of op_recall flag for write delegation	2023-07-19 16:22:08 +02:00
nfscache.c
nfsctl.c	nfsd: fix double fget() bug in __write_ports_addfd()	2023-06-09 10:34:04 +02:00
nfsd.h
nfsfh.c
nfsfh.h
nfsproc.c
nfssvc.c	NFSD: copy the whole verifier in nfsd_copy_write_verifier	2023-03-10 09:33:25 +01:00
nfsxdr.c
pnfs.h
state.h
stats.c
stats.h
trace.c
trace.h	nfsd: don't fsync nfsd_files on last close	2023-03-10 09:33:25 +01:00
vfs.c	nfsd: use vfs setgid helper	2023-08-30 16:11:10 +02:00
vfs.h	NFSD: Pass the target nfsd_file to nfsd_commit()	2023-01-18 11:58:25 +01:00
xdr.h
xdr3.h
xdr4.h	NFSD: enhance inter-server copy cleanup	2023-03-10 09:33:24 +01:00
xdr4cb.h