From patchwork Mon Mar 13 13:25:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 68837 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1187284wrd; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) X-Google-Smtp-Source: AK7set+T+YEJP6dRDItCAXc2J7PCuDcfjq5f55dQMZ33dzg/i0ySi/DLegAWrzw8J0RIfQwMM5Db X-Received: by 2002:a17:903:1c1:b0:19e:6700:174 with SMTP id e1-20020a17090301c100b0019e67000174mr43083891plh.25.1678714306147; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1678714306; cv=none; d=google.com; s=arc-20160816; b=MH5wcLtIt+/pFGYbN14wShT87XDp/69WTZ+DGX9efo3xOW1XW6YjzUlB0hcung71Di SQBFen9flndfvuPQhBTC1CvmjZqXjYXAWrijbvtXpaRrus3sujXRT3uk06hFmqI1g9lF xBOJI0b0Zr1/GDOx5dFwoUge14C4tjutQ2HLk/e8NDenBh7TLqARZi9DC0Hwaxoq8fWg b5FDIRxhzzu8m8ctUlUAIc90m/kPgOr/cPn1IEz1Z/26r+3Ms0vospAaDMLGe5xZPuxB OgtvmzT3/BVv1hZtlInylfszs7UomxKs0aygHUHGSReh/Y3w+8jEBYt4TcL4MHyocbTt htuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:message-id:content-transfer-encoding :mime-version:subject:date:from:dkim-signature; bh=kYeEKzCxSWnJI7T8YrlpjyTxERsz1N//tp/OiJs2wZE=; b=OCzgY3orng9jZ3V3O+LsVBSd2UlDfuvjTqKU5fg3qPAcplzhL0TCQADQ3/TAc7GYns +m3/QbuFSvnhouoDS/Wm2TrqOUBLbp5SWIcUyHaWGd328S/qw5Edhv28Uw2JtmjEZVIv Jl3ePI5Y5ZGg0AVAbK97AWHghk9bd6WhLWysvunGJrpzPkwJfM8HSKDH2FMkZY4QiJcN mJYXkLSqG6Ebpse0azhXwL9LEfI332tvxLwwK11w3R3vY1+SXwmjilP62YwA37kG3Uyl vgVjn544AlbJLYcDsFtD7pIrj4uEAcy9SF/MRPyz+ShiqgSgQShJrZMwOnkgFolNtbAj V1JQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="YnZXf/Nf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 16-20020a630b10000000b004ded572f110si6524145pgl.870.2023.03.13.06.31.32; Mon, 13 Mar 2023 06:31:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="YnZXf/Nf"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230025AbjCMNZ4 (ORCPT + 99 others); Mon, 13 Mar 2023 09:25:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230360AbjCMNZw (ORCPT ); Mon, 13 Mar 2023 09:25:52 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 164DD26CEA; Mon, 13 Mar 2023 06:25:51 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id B1D11B80DFC; Mon, 13 Mar 2023 13:25:49 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7000BC4339C; Mon, 13 Mar 2023 13:25:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678713948; bh=k2LYFFGMZwKGlMXyjsfyVXpfREqFKoaTC649uhWuyFA=; h=From:Date:Subject:To:Cc:From; b=YnZXf/Nfq6e0MA5aFIVdAplX5MmTxwm+XdPAi0on/KYWlCKKgHM9C7okvNOYLTQ2D CUd7mcAL9rMI0Pu6nCppUAWDDXq/2r0F6XA9TT+VUtZ/JvUM4G6CDRqRlfH4e6HHdQ lALYXg+VY3D6XVMdKrZR0De8Davmab/ZrJ85K9Ul/yZFlym3sR0EpN6qKZknOKKiwO Y9HZGReptoagmTWZ2illQaNnKgbWS4fT+SVZH0ODL2byfOJEulfgZrBDW3JghYc5sU xcRYx0kcG/9BkXBVTjX28zYD08/kdnk2RdD43s9KSIjl/EdwcfFYwHeaxzp7GbXS2w qHIq0bFt3Eryw== From: Christian Brauner Date: Mon, 13 Mar 2023 14:25:34 +0100 Subject: [PATCH] nfs: use vfs setgid helper MIME-Version: 1.0 Message-Id: <20230313-fs-nfs-setgid-v1-1-5b1fa599f186@kernel.org> X-B4-Tracking: v=1; b=H4sIAE0kD2QC/x2NSwqEQAwFryJZT6A/KuhVhlmkNWoWtkMiIoh3n 3YWb1E8irrAWIUN+uoC5UNMtlzAvyoYFsozo4yFIbgQXfQRJ8NcZrzPMmLbdLV35F0KDRQnkTE mpTwsj7WS7azP8VWe5PyH3p/7/gFOIfpaeAAAAA== To: Trond Myklebust , Anna Schumaker , Chuck Lever , Jeff Layton Cc: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org, "Christian Brauner (Microsoft)" X-Mailer: b4 0.13-dev-2eb1a X-Developer-Signature: v=1; a=openpgp-sha256; l=1599; i=brauner@kernel.org; h=from:subject:message-id; bh=k2LYFFGMZwKGlMXyjsfyVXpfREqFKoaTC649uhWuyFA=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaTwq0T1zOab1VwXZ3/s/TGunzn5++0Wnub8uZ3Zv4KPJebu e8HajlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgIl82cfIcPeQhMpD0YVLfm9Syi3Z4y Fs2r7LWuKF8YH65v8GpS/vijAy7GZQXFo+KSk7idtSTOR0/bvUGu/HfKqvDjQlHzxUtTWcDwA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1760259532325278968?= X-GMAIL-MSGID: =?utf-8?q?1760259532325278968?= We've aligned setgid behavior over multiple kernel releases. The details can be found in the following two merge messages: cf619f891971 ("Merge tag 'fs.ovl.setgid.v6.2') 426b4ca2d6a5 ("Merge tag 'fs.setgid.v6.0') Consistent setgid stripping behavior is now encapsulated in the setattr_should_drop_sgid() helper which is used by all filesystems that strip setgid bits outside of vfs proper. Switch nfs to rely on this helper as well. Without this patch the setgid stripping tests in xfstests will fail. Signed-off-by: Christian Brauner (Microsoft) --- fs/nfs/inode.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) --- base-commit: eeac8ede17557680855031c6f305ece2378af326 change-id: 20230313-fs-nfs-setgid-659410a10b25 diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index 222a28320e1c..5001086500b3 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -42,6 +42,7 @@ #include #include +#include "../internal.h" #include "nfs4_fs.h" #include "callback.h" #include "delegation.h" @@ -717,9 +718,7 @@ void nfs_setattr_update_inode(struct inode *inode, struct iattr *attr, if ((attr->ia_valid & ATTR_KILL_SUID) != 0 && inode->i_mode & S_ISUID) inode->i_mode &= ~S_ISUID; - if ((attr->ia_valid & ATTR_KILL_SGID) != 0 && - (inode->i_mode & (S_ISGID | S_IXGRP)) == - (S_ISGID | S_IXGRP)) + if (setattr_should_drop_sgid(&nop_mnt_idmap, inode)) inode->i_mode &= ~S_ISGID; if ((attr->ia_valid & ATTR_MODE) != 0) { int mode = attr->ia_mode & S_IALLUGO;