mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-04 12:16:41 +00:00
xfs: ioctl check for capabilities in the current user namespace
Use inode_capable() to check if SUID|SGID bits should be cleared to match similar check in inode_change_ok(). The check for CAP_LINUX_IMMUTABLE was not modified since all other file systems also check against init_user_ns rather than current_user_ns. Only allow changing of projid from init_user_ns. Reviewed-by: Dave Chinner <dchinner@redhat.com> Reviewed-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Signed-off-by: Ben Myers <bpm@sgi.com>
This commit is contained in:
parent
288bbe0eeb
commit
fd5e2aa865
@ -1015,15 +1015,22 @@ xfs_ioctl_setattr(
|
||||
* to the file owner ID, except in cases where the
|
||||
* CAP_FSETID capability is applicable.
|
||||
*/
|
||||
if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
|
||||
if (!inode_owner_or_capable(VFS_I(ip))) {
|
||||
code = XFS_ERROR(EPERM);
|
||||
goto error_return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Do a quota reservation only if projid is actually going to change.
|
||||
* Only allow changing of projid from init_user_ns since it is a
|
||||
* non user namespace aware identifier.
|
||||
*/
|
||||
if (mask & FSX_PROJID) {
|
||||
if (current_user_ns() != &init_user_ns) {
|
||||
code = XFS_ERROR(EINVAL);
|
||||
goto error_return;
|
||||
}
|
||||
|
||||
if (XFS_IS_QUOTA_RUNNING(mp) &&
|
||||
XFS_IS_PQUOTA_ON(mp) &&
|
||||
xfs_get_projid(ip) != fa->fsx_projid) {
|
||||
@ -1137,7 +1144,7 @@ xfs_ioctl_setattr(
|
||||
* cleared upon successful return from chown()
|
||||
*/
|
||||
if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
|
||||
!capable(CAP_FSETID))
|
||||
!inode_capable(VFS_I(ip), CAP_FSETID))
|
||||
ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
|
||||
|
||||
/*
|
||||
|
@ -464,3 +464,4 @@ bool inode_capable(const struct inode *inode, int cap)
|
||||
|
||||
return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid);
|
||||
}
|
||||
EXPORT_SYMBOL(inode_capable);
|
||||
|
Loading…
Reference in New Issue
Block a user