Message ID | 20230313-fs-nfs-setgid-v1-1-5b1fa599f186@kernel.org |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1187284wrd; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) X-Google-Smtp-Source: AK7set+T+YEJP6dRDItCAXc2J7PCuDcfjq5f55dQMZ33dzg/i0ySi/DLegAWrzw8J0RIfQwMM5Db X-Received: by 2002:a17:903:1c1:b0:19e:6700:174 with SMTP id e1-20020a17090301c100b0019e67000174mr43083891plh.25.1678714306147; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1678714306; cv=none; d=google.com; s=arc-20160816; b=MH5wcLtIt+/pFGYbN14wShT87XDp/69WTZ+DGX9efo3xOW1XW6YjzUlB0hcung71Di SQBFen9flndfvuPQhBTC1CvmjZqXjYXAWrijbvtXpaRrus3sujXRT3uk06hFmqI1g9lF xBOJI0b0Zr1/GDOx5dFwoUge14C4tjutQ2HLk/e8NDenBh7TLqARZi9DC0Hwaxoq8fWg b5FDIRxhzzu8m8ctUlUAIc90m/kPgOr/cPn1IEz1Z/26r+3Ms0vospAaDMLGe5xZPuxB OgtvmzT3/BVv1hZtlInylfszs7UomxKs0aygHUHGSReh/Y3w+8jEBYt4TcL4MHyocbTt htuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:message-id:content-transfer-encoding :mime-version:subject:date:from:dkim-signature; bh=kYeEKzCxSWnJI7T8YrlpjyTxERsz1N//tp/OiJs2wZE=; b=OCzgY3orng9jZ3V3O+LsVBSd2UlDfuvjTqKU5fg3qPAcplzhL0TCQADQ3/TAc7GYns +m3/QbuFSvnhouoDS/Wm2TrqOUBLbp5SWIcUyHaWGd328S/qw5Edhv28Uw2JtmjEZVIv Jl3ePI5Y5ZGg0AVAbK97AWHghk9bd6WhLWysvunGJrpzPkwJfM8HSKDH2FMkZY4QiJcN mJYXkLSqG6Ebpse0azhXwL9LEfI332tvxLwwK11w3R3vY1+SXwmjilP62YwA37kG3Uyl vgVjn544AlbJLYcDsFtD7pIrj4uEAcy9SF/MRPyz+ShiqgSgQShJrZMwOnkgFolNtbAj V1JQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="YnZXf/Nf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 16-20020a630b10000000b004ded572f110si6524145pgl.870.2023.03.13.06.31.32; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="YnZXf/Nf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230025AbjCMNZ4 (ORCPT <rfc822;realc9580@gmail.com> + 99 others); Mon, 13 Mar 2023 09:25:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230360AbjCMNZw (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 13 Mar 2023 09:25:52 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 164DD26CEA; Mon, 13 Mar 2023 06:25:51 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id B1D11B80DFC; Mon, 13 Mar 2023 13:25:49 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7000BC4339C; Mon, 13 Mar 2023 13:25:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678713948; bh=k2LYFFGMZwKGlMXyjsfyVXpfREqFKoaTC649uhWuyFA=; h=From:Date:Subject:To:Cc:From; b=YnZXf/Nfq6e0MA5aFIVdAplX5MmTxwm+XdPAi0on/KYWlCKKgHM9C7okvNOYLTQ2D CUd7mcAL9rMI0Pu6nCppUAWDDXq/2r0F6XA9TT+VUtZ/JvUM4G6CDRqRlfH4e6HHdQ lALYXg+VY3D6XVMdKrZR0De8Davmab/ZrJ85K9Ul/yZFlym3sR0EpN6qKZknOKKiwO Y9HZGReptoagmTWZ2illQaNnKgbWS4fT+SVZH0ODL2byfOJEulfgZrBDW3JghYc5sU xcRYx0kcG/9BkXBVTjX28zYD08/kdnk2RdD43s9KSIjl/EdwcfFYwHeaxzp7GbXS2w qHIq0bFt3Eryw== From: Christian Brauner <brauner@kernel.org> Date: Mon, 13 Mar 2023 14:25:34 +0100 Subject: [PATCH] nfs: use vfs setgid helper MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20230313-fs-nfs-setgid-v1-1-5b1fa599f186@kernel.org> X-B4-Tracking: v=1; b=H4sIAE0kD2QC/x2NSwqEQAwFryJZT6A/KuhVhlmkNWoWtkMiIoh3n 3YWb1E8irrAWIUN+uoC5UNMtlzAvyoYFsozo4yFIbgQXfQRJ8NcZrzPMmLbdLV35F0KDRQnkTE mpTwsj7WS7azP8VWe5PyH3p/7/gFOIfpaeAAAAA== To: Trond Myklebust <trond.myklebust@hammerspace.com>, Anna Schumaker <anna@kernel.org>, Chuck Lever <chuck.lever@oracle.com>, Jeff Layton <jlayton@kernel.org> Cc: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org, "Christian Brauner (Microsoft)" <brauner@kernel.org> X-Mailer: b4 0.13-dev-2eb1a X-Developer-Signature: v=1; a=openpgp-sha256; l=1599; i=brauner@kernel.org; h=from:subject:message-id; bh=k2LYFFGMZwKGlMXyjsfyVXpfREqFKoaTC649uhWuyFA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaTwq0T1zOab1VwXZ3/s/TGunzn5++0Wnub8uZ3Zv4KPJebu e8HajlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIl82cfIcPeQhMpD0YVLfm9Syi3Z4y Fs2r7LWuKF8YH65v8GpS/vijAy7GZQXFo+KSk7idtSTOR0/bvUGu/HfKqvDjQlHzxUtTWcDwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1760259532325278968?= X-GMAIL-MSGID: =?utf-8?q?1760259532325278968?= |
Series |
nfs: use vfs setgid helper
|
|
Commit Message
Christian Brauner
March 13, 2023, 1:25 p.m. UTC
We've aligned setgid behavior over multiple kernel releases. The details
can be found in the following two merge messages:
cf619f891971 ("Merge tag 'fs.ovl.setgid.v6.2')
426b4ca2d6a5 ("Merge tag 'fs.setgid.v6.0')
Consistent setgid stripping behavior is now encapsulated in the
setattr_should_drop_sgid() helper which is used by all filesystems that
strip setgid bits outside of vfs proper. Switch nfs to rely on this
helper as well. Without this patch the setgid stripping tests in
xfstests will fail.
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
---
fs/nfs/inode.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
---
base-commit: eeac8ede17557680855031c6f305ece2378af326
change-id: 20230313-fs-nfs-setgid-659410a10b25
Comments
On Mon, Mar 13, 2023 at 02:25:34PM +0100, Christian Brauner wrote: > +#include "../internal.h" > + if (setattr_should_drop_sgid(&nop_mnt_idmap, inode)) It setattr_should_drop_sgid is used by file systems, it should not be in internal.h.
On Mon, Mar 13, 2023 at 08:23:49AM -0700, Christoph Hellwig wrote: > On Mon, Mar 13, 2023 at 02:25:34PM +0100, Christian Brauner wrote: > > +#include "../internal.h" > > > + if (setattr_should_drop_sgid(&nop_mnt_idmap, inode)) > > It setattr_should_drop_sgid is used by file systems, it should not be in > internal.h. Good catch. I accidently didn't move it into include/linux/fs.h with setattr_should_drop_suidgid(). Let me resend. Thanks for catching this...
Hi Christian,
I love your patch! Yet something to improve:
[auto build test ERROR on eeac8ede17557680855031c6f305ece2378af326]
url: https://github.com/intel-lab-lkp/linux/commits/Christian-Brauner/nfs-use-vfs-setgid-helper/20230313-212725
base: eeac8ede17557680855031c6f305ece2378af326
patch link: https://lore.kernel.org/r/20230313-fs-nfs-setgid-v1-1-5b1fa599f186%40kernel.org
patch subject: [PATCH] nfs: use vfs setgid helper
config: parisc64-defconfig (https://download.01.org/0day-ci/archive/20230314/202303140652.dN7XrtM4-lkp@intel.com/config)
compiler: hppa64-linux-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/intel-lab-lkp/linux/commit/503d040be490a519b2e483672702dcca530443ce
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Christian-Brauner/nfs-use-vfs-setgid-helper/20230313-212725
git checkout 503d040be490a519b2e483672702dcca530443ce
# save the config file
mkdir build_dir && cp config build_dir/.config
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=parisc64 olddefconfig
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=parisc64 SHELL=/bin/bash
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202303140652.dN7XrtM4-lkp@intel.com/
All errors (new ones prefixed by >>, old ones prefixed by <<):
>> ERROR: modpost: "setattr_should_drop_sgid" [fs/nfs/nfs.ko] undefined!
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 222a28320e1c..5001086500b3 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -42,6 +42,7 @@ #include <linux/uaccess.h> #include <linux/iversion.h> +#include "../internal.h" #include "nfs4_fs.h" #include "callback.h" #include "delegation.h" @@ -717,9 +718,7 @@ void nfs_setattr_update_inode(struct inode *inode, struct iattr *attr, if ((attr->ia_valid & ATTR_KILL_SUID) != 0 && inode->i_mode & S_ISUID) inode->i_mode &= ~S_ISUID; - if ((attr->ia_valid & ATTR_KILL_SGID) != 0 && - (inode->i_mode & (S_ISGID | S_IXGRP)) == - (S_ISGID | S_IXGRP)) + if (setattr_should_drop_sgid(&nop_mnt_idmap, inode)) inode->i_mode &= ~S_ISGID; if ((attr->ia_valid & ATTR_MODE) != 0) { int mode = attr->ia_mode & S_IALLUGO;