Re: [PATCH v5.10] ceph: fix up non-directory creation in SGID directories

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Dec 23, 2021 at 11:20:07AM +0100, Greg KH wrote:
> On Thu, Dec 23, 2021 at 10:57:33AM +0100, Christian Brauner wrote:
> > From: Christian Brauner <christian.brauner@xxxxxxxxxx>
> > 
> > Ceph always inherits the SGID bit if it is set on the parent inode,
> > while the generic inode_init_owner does not do this in a few cases where
> > it can create a possible security problem (cf. [1]).
> > 
> > Update ceph to strip the SGID bit just as inode_init_owner would.
> > 
> > This bug was detected by the mapped mount testsuite in [3]. The
> > testsuite tests all core VFS functionality and semantics with and
> > without mapped mounts. That is to say it functions as a generic VFS
> > testsuite in addition to a mapped mount testsuite. While working on
> > mapped mount support for ceph, SIGD inheritance was the only failing
> > test for ceph after the port.
> > 
> > The same bug was detected by the mapped mount testsuite in XFS in
> > January 2021 (cf. [2]).
> > 
> > [1]: commit 0fa3ecd87848 ("Fix up non-directory creation in SGID directories")
> > [2]: commit 01ea173e103e ("xfs: fix up non-directory creation in SGID directories")
> > [3]: https://git.kernel.org/fs/xfs/xfstests-dev.git
> > 
> > Cc: stable@xxxxxxxxxxxxxxx (adapted to v5.10)
> > Signed-off-by: Christian Brauner <christian.brauner@xxxxxxxxxx>
> > Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
> > Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx>
> > ---
> >  fs/ceph/file.c | 18 +++++++++++++++---
> >  1 file changed, 15 insertions(+), 3 deletions(-)
> 
> What is the git commit id in Linus's tree?

commit fd84bfdddd169c219c3a637889a8b87f70a072c2
Author: Christian Brauner <christian.brauner@xxxxxxxxxx>
Date:   Mon Nov 29 12:16:39 2021 +0100

    ceph: fix up non-directory creation in SGID directories



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux