aboutsummaryrefslogtreecommitdiffstats
path: root/fs/attr.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/attr.c')
-rw-r--r--fs/attr.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/fs/attr.c b/fs/attr.c
index 25b24d0f6c88..42bb42bb3c72 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -255,6 +255,25 @@ int notify_change(struct dentry * dentry, struct iattr * attr, struct inode **de
255 if (!(attr->ia_valid & ~(ATTR_KILL_SUID | ATTR_KILL_SGID))) 255 if (!(attr->ia_valid & ~(ATTR_KILL_SUID | ATTR_KILL_SGID)))
256 return 0; 256 return 0;
257 257
258 /*
259 * Verify that uid/gid changes are valid in the target
260 * namespace of the superblock.
261 */
262 if (ia_valid & ATTR_UID &&
263 !kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))
264 return -EOVERFLOW;
265 if (ia_valid & ATTR_GID &&
266 !kgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid))
267 return -EOVERFLOW;
268
269 /* Don't allow modifications of files with invalid uids or
270 * gids unless those uids & gids are being made valid.
271 */
272 if (!(ia_valid & ATTR_UID) && !uid_valid(inode->i_uid))
273 return -EOVERFLOW;
274 if (!(ia_valid & ATTR_GID) && !gid_valid(inode->i_gid))
275 return -EOVERFLOW;
276
258 error = security_inode_setattr(dentry, attr); 277 error = security_inode_setattr(dentry, attr);
259 if (error) 278 if (error)
260 return error; 279 return error;
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-01 04:10:12 -0400