www.infradead.org Git - users/jedix/linux-maple.git/commit
fs: Call security_ops->inode_killpriv on truncate
author Jan Kara <jack@suse.cz>
Thu, 21 May 2015 14:05:55 +0000 (16:05 +0200)
committer Chuck Anderson <chuck.anderson@oracle.com>
Mon, 29 May 2017 00:52:37 +0000 (17:52 -0700)
commit 96c4a361b2188cb231fb7e24b12857af3a9290d7
tree 670d69a8fcea0fbb851e6b0c11b2ae0b750106d2
parent acafb9ff9a0c7d3cf2bbedbdfdc5ea0fbd95af9e
From 45f147a1bc97c743c6101a8d2741c69a51f583e4 Mon Sep 17 00:00:00 2001

Comment in include/linux/security.h says that ->inode_killpriv() should
be called when setuid bit is being removed and that similar security
labels (in fact this applies only to file capabilities) should be
removed at this time as well. However we don't call ->inode_killpriv()
when we remove suid bit on truncate.

We fix the problem by calling ->inode_need_killpriv() and subsequently
->inode_killpriv() on truncate the same way as we do it on file write.

After this patch there's only one user of should_remove_suid() - ocfs2 -
and indeed it's buggy because it doesn't call ->inode_killpriv() on
write. However fixing it is difficult because of special locking
constraints.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Orabug: 24803533
Signed-off-by: darrick.wong@oracle.com
fs/inode.c
fs/open.c
include/linux/fs.h