Re: [PATCH v7 4/4] ceph: Remove S_ISGID stripping code in ceph_finish_async_create

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Apr 26, 2022 at 12:19:52PM +0800, Yang Xu wrote:
> Previous patches moved sgid stripping exclusively into the vfs. So
> manual sgid stripping by the filesystem isn't needed anymore.
> 
> Reviewed-by: Xiubo Li <xiubli@xxxxxxxxxx>
> Reviewed-by: Christian Brauner (Microsoft)<brauner@xxxxxxxxxx>
> Signed-off-by: Yang Xu <xuyang2018.jy@xxxxxxxxxxx>
> ---

Since this is a very sensitive patch series I think we need to be
annoyingly pedantic about the commit messages. This is really only
necessary because of the nature of these changes so you'll forgive me
for being really annoying about this. Here's what I'd change the commit
messages to:

ceph: rely on vfs for setgid stripping

Now that we finished moving setgid stripping for regular files in setgid
directories into the vfs, individual filesystem don't need to manually
strip the setgid bit anymore. Drop the now unneeded code from ceph.


>  fs/ceph/file.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index 6c9e837aa1d3..8e3b99853333 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -651,10 +651,6 @@ static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry,
>  		/* Directories always inherit the setgid bit. */
>  		if (S_ISDIR(mode))
>  			mode |= S_ISGID;

(Frankly, this ideally shouldn't be necessary as well, i.e. it'd be
great if that part would've been done by the vfs already too but it's
not as security sensitive as setgid stripping for regular files.)



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux