Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace

Gao feng <gaofeng@xxxxxxxxxxxxxx> · Fri, 02 Aug 2013 10:47:09 +0800



On 08/01/2013 11:30 PM, Dwight Engen wrote:
> Use inode_capable() to check if SUID|SGID bits should be cleared to match
> similar check in inode_change_ok().
> 
> The check for CAP_LINUX_IMMUTABLE was not modified since all other file
> systems also check against init_user_ns rather than current_user_ns.
> 
> Only allow changing of projid from init_user_ns.
> 
> Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx>
> ---


looks good to me, thanks

Reviewed-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>

>  fs/xfs/xfs_ioctl.c  | 11 +++++++++--
>  kernel/capability.c |  1 +
>  2 files changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
> index 6e2bca5..7b42192 100644
> --- a/fs/xfs/xfs_ioctl.c
> +++ b/fs/xfs/xfs_ioctl.c
> @@ -981,15 +981,22 @@ xfs_ioctl_setattr(
>  	 * to the file owner ID, except in cases where the
>  	 * CAP_FSETID capability is applicable.
>  	 */
> -	if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) {
> +	if (!inode_owner_or_capable(VFS_I(ip))) {
>  		code = XFS_ERROR(EPERM);
>  		goto error_return;
>  	}
>  
>  	/*
>  	 * Do a quota reservation only if projid is actually going to change.
> +	 * Only allow changing of projid from init_user_ns since it is a
> +	 * non user namespace aware identifier.
>  	 */
>  	if (mask & FSX_PROJID) {
> +		if (current_user_ns() != &init_user_ns) {
> +			code = XFS_ERROR(EINVAL);
> +			goto error_return;
> +		}
> +
>  		if (XFS_IS_QUOTA_RUNNING(mp) &&
>  		    XFS_IS_PQUOTA_ON(mp) &&
>  		    xfs_get_projid(ip) != fa->fsx_projid) {
> @@ -1103,7 +1110,7 @@ xfs_ioctl_setattr(
>  		 * cleared upon successful return from chown()
>  		 */
>  		if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
> -		    !capable(CAP_FSETID))
> +		    !inode_capable(VFS_I(ip), CAP_FSETID))
>  			ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
>  
>  		/*
> diff --git a/kernel/capability.c b/kernel/capability.c
> index f6c2ce5..a4b6744 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -464,3 +464,4 @@ bool inode_capable(const struct inode *inode, int cap)
>  
>  	return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid);
>  }
> +EXPORT_SYMBOL(inode_capable);
> 

_______________________________________________
xfs mailing list
xfs@xxxxxxxxxxx
http://oss.sgi.com/mailman/listinfo/xfs