Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756333AbdLVObi (ORCPT ); Fri, 22 Dec 2017 09:31:38 -0500 Received: from mail-wm0-f66.google.com ([74.125.82.66]:37686 "EHLO mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756139AbdLVObY (ORCPT ); Fri, 22 Dec 2017 09:31:24 -0500 X-Google-Smtp-Source: ACJfBosGf4JxveYYd8n2KCySH3vnBjt0dsaoLc1M793hhh6S00V018+Xsu9EIHJYFOiBOuQ3RxTvjw== From: Dongsu Park To: linux-kernel@vger.kernel.org Cc: containers@lists.linux-foundation.org, Alban Crequy , "Eric W . Biederman" , Miklos Szeredi , Seth Forshee , Sargun Dhillon , Dongsu Park , linux-fsdevel@vger.kernel.org, Alexander Viro , Serge Hallyn Subject: [PATCH 04/11] fs: Don't remove suid for CAP_FSETID for userns root Date: Fri, 22 Dec 2017 15:32:28 +0100 Message-Id: X-Mailer: git-send-email 2.13.6 In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1363 Lines: 45 From: Seth Forshee Expand the check in should_remove_suid() to keep privileges for CAP_FSETID in s_user_ns rather than init_user_ns. Patch v4 is available: https://patchwork.kernel.org/patch/8944621/ --EWB Changed from ns_capable(sb->s_user_ns, ) to capable_wrt_inode_uidgid Cc: linux-fsdevel@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: Alexander Viro Cc: Serge Hallyn Signed-off-by: Seth Forshee Signed-off-by: Dongsu Park --- fs/inode.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/inode.c b/fs/inode.c index fd401028..6459a437 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -1749,7 +1749,8 @@ EXPORT_SYMBOL(touch_atime); */ int should_remove_suid(struct dentry *dentry) { - umode_t mode = d_inode(dentry)->i_mode; + struct inode *inode = d_inode(dentry); + umode_t mode = inode->i_mode; int kill = 0; /* suid always must be killed */ @@ -1763,7 +1764,8 @@ int should_remove_suid(struct dentry *dentry) if (unlikely((mode & S_ISGID) && (mode & S_IXGRP))) kill |= ATTR_KILL_SGID; - if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode))) + if (unlikely(kill && !capable_wrt_inode_uidgid(inode, CAP_FSETID) && + S_ISREG(mode))) return kill; return 0; -- 2.13.6