diff options
| author | Dwight Engen <dwight.engen@oracle.com> | 2013-08-15 14:08:00 -0400 |
|---|---|---|
| committer | Ben Myers <bpm@sgi.com> | 2013-08-15 15:19:25 -0400 |
| commit | fd5e2aa8653665ae1cc60f7aca1069abdbcad3f6 (patch) | |
| tree | 5d05c2c4190f30534f866ef881a8391bc7ea322c | |
| parent | 288bbe0eeb3da7238482ca586c6fb029801336be (diff) | |
xfs: ioctl check for capabilities in the current user namespace
Use inode_capable() to check if SUID|SGID bits should be cleared to match
similar check in inode_change_ok().
The check for CAP_LINUX_IMMUTABLE was not modified since all other file
systems also check against init_user_ns rather than current_user_ns.
Only allow changing of projid from init_user_ns.
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
| -rw-r--r-- | fs/xfs/xfs_ioctl.c | 11 | ||||
| -rw-r--r-- | kernel/capability.c | 1 |
2 files changed, 10 insertions, 2 deletions
diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c index e9c17e2ed6d7..999c1efd6af5 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c | |||
| @@ -1015,15 +1015,22 @@ xfs_ioctl_setattr( | |||
| 1015 | * to the file owner ID, except in cases where the | 1015 | * to the file owner ID, except in cases where the |
| 1016 | * CAP_FSETID capability is applicable. | 1016 | * CAP_FSETID capability is applicable. |
| 1017 | */ | 1017 | */ |
| 1018 | if (current_fsuid() != ip->i_d.di_uid && !capable(CAP_FOWNER)) { | 1018 | if (!inode_owner_or_capable(VFS_I(ip))) { |
| 1019 | code = XFS_ERROR(EPERM); | 1019 | code = XFS_ERROR(EPERM); |
| 1020 | goto error_return; | 1020 | goto error_return; |
| 1021 | } | 1021 | } |
| 1022 | 1022 | ||
| 1023 | /* | 1023 | /* |
| 1024 | * Do a quota reservation only if projid is actually going to change. | 1024 | * Do a quota reservation only if projid is actually going to change. |
| 1025 | * Only allow changing of projid from init_user_ns since it is a | ||
| 1026 | * non user namespace aware identifier. | ||
| 1025 | */ | 1027 | */ |
| 1026 | if (mask & FSX_PROJID) { | 1028 | if (mask & FSX_PROJID) { |
| 1029 | if (current_user_ns() != &init_user_ns) { | ||
| 1030 | code = XFS_ERROR(EINVAL); | ||
| 1031 | goto error_return; | ||
| 1032 | } | ||
| 1033 | |||
| 1027 | if (XFS_IS_QUOTA_RUNNING(mp) && | 1034 | if (XFS_IS_QUOTA_RUNNING(mp) && |
| 1028 | XFS_IS_PQUOTA_ON(mp) && | 1035 | XFS_IS_PQUOTA_ON(mp) && |
| 1029 | xfs_get_projid(ip) != fa->fsx_projid) { | 1036 | xfs_get_projid(ip) != fa->fsx_projid) { |
| @@ -1137,7 +1144,7 @@ xfs_ioctl_setattr( | |||
| 1137 | * cleared upon successful return from chown() | 1144 | * cleared upon successful return from chown() |
| 1138 | */ | 1145 | */ |
| 1139 | if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) && | 1146 | if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) && |
| 1140 | !capable(CAP_FSETID)) | 1147 | !inode_capable(VFS_I(ip), CAP_FSETID)) |
| 1141 | ip->i_d.di_mode &= ~(S_ISUID|S_ISGID); | 1148 | ip->i_d.di_mode &= ~(S_ISUID|S_ISGID); |
| 1142 | 1149 | ||
| 1143 | /* | 1150 | /* |
diff --git a/kernel/capability.c b/kernel/capability.c index f6c2ce5701e1..a4b67446dc87 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
| @@ -464,3 +464,4 @@ bool inode_capable(const struct inode *inode, int cap) | |||
| 464 | 464 | ||
| 465 | return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid); | 465 | return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid); |
| 466 | } | 466 | } |
| 467 | EXPORT_SYMBOL(inode_capable); | ||