As Christian Brauner suggested, add a new helper calls inode_sgid_strip()
and does the umask stripping as well and then call it in all these places.
This api is introduced to support strip file's S_ISGID mode on vfs instead
of on underlying filesystem.
Suggested-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx>
Signed-off-by: Yang Xu <xuyang2018.jy@xxxxxxxxxxx>
---
include/linux/fs.h | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 4a617aaab6f6..8c2f4cde974b 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -3458,6 +3458,15 @@ static inline bool dir_relax_shared(struct inode *inode)
return !IS_DEADDIR(inode);
}
+static inline void prepare_mode(struct user_namespace *mnt_userns,
+ const struct inode *dir, umode_t *mode)
+{
+ inode_sgid_strip(mnt_userns, dir, mode);
+
+ if (!IS_POSIXACL(dir))
+ *mode &= ~current_umask();
+}
+
extern bool path_noexec(const struct path *path);
extern void inode_nohighmem(struct inode *inode);
--
2.27.0
