Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp141891ybm; Mon, 20 May 2019 13:27:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqzwQMb10/qWzrKhFkd3g3PQQkuv75WEqOTWh0ePE9KfIsOeHkYThSSetfvbOs51f/X7sq2d X-Received: by 2002:a17:902:a60e:: with SMTP id u14mr73574164plq.94.1558384037087; Mon, 20 May 2019 13:27:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558384037; cv=none; d=google.com; s=arc-20160816; b=sdUOcU6GXJwtPXAHwkRLVrAuGM6/6WWVfo7qIFA9f4zzu0U6EDARULr1WjhWCV/F82 aPMz0YyrVrNCsnTikkA5Mh8bX4rIHDIpJ5vHZS/iN0vcbhpjyItiqWZP1N7/LfhhdNYV i6SWbRKfqZZlo9ut4wLij03uFV4+X8R6497Vk9piCEYcUNt5h0qnkAXSrh3MvldQ9a9B HxZnnUAtP4VUzXoxGIiHPbU5GXf+Qt3fClbCOd7fIjarWTmDhMdxInIWKtKk71p+5b1X v69tA78S4MvES5QRZWgNeOzDhJ1tEzBWu/AOj4wr1wrIHncQcoz0G1daRDpAgvJM4bXY +Epw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:message-id:in-reply-to:date:mail-followup-to :mail-copies-to:references:subject:cc:to:from:dkim-signature :dkim-signature; bh=2s8insJw7SXiaaoi7n/jvMQaGaOOEQGGn9MA9sTXCzY=; b=HNfQ+/qpAR2HkA27WYcAjHgLpXbyZnQY3784VTitoqsLmyn6AMi3+0RIaksN/un/Up +BB4DQWWPUUHspM9cLD1cxIPX5+keVMIIsRIabie6bHrxFR7JPmUsWyFEKFN5fk8HMyo yMhfcN6HBBb2GqMg0gdm/YLdRi/qBR2dTlfNfgl4mHWxXpr2b/Co4kitZ1N1MNRU+ISD ndtj/M3WWBizXsN0cyRt7Mea+6Zdj9Z71XSbPKyyHMME/vWoRqrfZK0V1uvkKtXFfo8X w0b802LJeXWaSE/SH+xrxtM0RaB6BkQVq+b6rHyRAshTl1e2U9j3J20mLDTMkc6y1AsZ wzYA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@rath.org header.s=fm2 header.b=nTVN23Go; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=piEfKWYZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i6si21180915pfc.158.2019.05.20.13.27.02; Mon, 20 May 2019 13:27:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@rath.org header.s=fm2 header.b=nTVN23Go; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=piEfKWYZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726697AbfETUZ4 (ORCPT + 99 others); Mon, 20 May 2019 16:25:56 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:55227 "EHLO out4-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725763AbfETUZz (ORCPT ); Mon, 20 May 2019 16:25:55 -0400 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 01A7524627; Mon, 20 May 2019 16:25:52 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Mon, 20 May 2019 16:25:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rath.org; h=from :to:cc:subject:references:date:in-reply-to:message-id :mime-version:content-type:content-transfer-encoding; s=fm2; bh= 2s8insJw7SXiaaoi7n/jvMQaGaOOEQGGn9MA9sTXCzY=; b=nTVN23Gom1plLxpc 7qd56RBh1d3zg39gxTuhjiar9f2o+0UBPe9IZOUFZwuGyCZiz0l6OEjzfyMegQRB kpA61V1jEC4TJQ6w/csBHq88m8rH6mzeHd9p3ib/VOh/wcURQ8E4JWe1z+rxoDJS riIbZmeDgi+SR5rL4zO6JYWtHsTKgQ1fgrGPdVUDNFDlAUnBW6lV7On+2rf54yIL 98ercTcOkQk43giawKpcbz/pB31VOiezM2LsBxthPivE5C81+raWg2rB5OuMjRhP Bm55qTL1E09AlbLJFdhjjdOC5Zsqy2sf8CEohNnAKruGmn+Ryx6fjXLilfgFcdkx FyBTrw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=2s8insJw7SXiaaoi7n/jvMQaGaOOEQGGn9MA9sTXC zY=; b=piEfKWYZVjjloiN91Gr8WKPqaq5AB5JOvYVIJFVUyuzruj6zx1inX4Ag2 fHo2iGeXPT2KD4m5QyY9l3y/uzN6Fyc27m+oNff2mjLkQeRPRFkGgd1u2D2MKzyH zYPCtPggTO9+u2y2vAfbrikr2neLOK1hRytDAYPuQ4igrL2vHjYpXMVa44QF/+P8 vi3bP/E0bYzo7EBvOpFJC+A0RMa1rxC91IOX9oU4w4fo/FPaHBzvgcB3CUZdoe0N dz84LaB6Wto9snsa10XIiO4I7T5RPSg7eMU3Ybmd6ND8Gx1lK4Dcwbrk+6c6GO/q FqfYzEaykUJxI1j2CQEHa+VHKwuIg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddruddtkedgudehvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvffufhffjgfkfgggtgfgsehtqhdttddtreejnecuhfhrohhmpefpihhk ohhlrghushcutfgrthhhuceopfhikhholhgruhhssehrrghthhdrohhrgheqnecuffhomh grihhnpehgihhthhhusgdrtghomhenucfkphepudekhedrfedrleegrdduleegnecurfgr rhgrmhepmhgrihhlfhhrohhmpefpihhkohhlrghushesrhgrthhhrdhorhhgnecuvehluh hsthgvrhfuihiivgepud X-ME-Proxy: Received: from ebox.rath.org (ebox.rath.org [185.3.94.194]) by mail.messagingengine.com (Postfix) with ESMTPA id AA09B80061; Mon, 20 May 2019 16:25:50 -0400 (EDT) Received: from vostro.rath.org (vostro [192.168.12.4]) by ebox.rath.org (Postfix) with ESMTPS id CB17360; Mon, 20 May 2019 20:25:49 +0000 (UTC) Received: by vostro.rath.org (Postfix, from userid 1000) id 9E565E00E1; Mon, 20 May 2019 21:25:49 +0100 (BST) From: Nikolaus Rath To: Miklos Szeredi Cc: Vivek Goyal , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-nvdimm@lists.01.org, stefanha@redhat.com, dgilbert@redhat.com, swhiteho@redhat.com Subject: Re: [PATCH v2 02/30] fuse: Clear setuid bit even in cache=never path References: <20190515192715.18000-1-vgoyal@redhat.com> <20190515192715.18000-3-vgoyal@redhat.com> <20190520144137.GA24093@localhost.localdomain> <20190520144437.GB24093@localhost.localdomain> Mail-Copies-To: never Mail-Followup-To: Miklos Szeredi , Vivek Goyal , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-nvdimm@lists.01.org, stefanha@redhat.com, dgilbert@redhat.com, swhiteho@redhat.com Date: Mon, 20 May 2019 21:25:49 +0100 In-Reply-To: <20190520144437.GB24093@localhost.localdomain> (Miklos Szeredi's message of "Mon, 20 May 2019 16:44:37 +0200") Message-ID: <87k1ekub3m.fsf@vostro.rath.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On May 20 2019, Miklos Szeredi wrote: > On Mon, May 20, 2019 at 04:41:37PM +0200, Miklos Szeredi wrote: >> On Wed, May 15, 2019 at 03:26:47PM -0400, Vivek Goyal wrote: >> > If fuse daemon is started with cache=3Dnever, fuse falls back to direc= t IO. >> > In that write path we don't call file_remove_privs() and that means se= tuid >> > bit is not cleared if unpriviliged user writes to a file with setuid b= it set. >> >=20 >> > pjdfstest chmod test 12.t tests this and fails. >>=20 >> I think better sulution is to tell the server if the suid bit needs to be >> removed, so it can do so in a race free way. >>=20 >> Here's the kernel patch, and I'll reply with the libfuse patch. > > Here are the patches for libfuse and passthrough_ll. Could you also submit them as pull requests at https://github.com/libfuse/l= ibfuse/pulls? Best, -Nikolaus --=20 GPG Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F =C2=BBTime flies like an arrow, fruit flies like a Banana.=C2= =AB