Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp501744pxf; Thu, 25 Mar 2021 08:21:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy88tzkfkBAcFbNYyVLbZbI+ypLHqeMubRzHoyglaGpi0uuSqPrTyI/VHiTOT8Peyuk4IMQ X-Received: by 2002:aa7:c342:: with SMTP id j2mr9907478edr.8.1616685663410; Thu, 25 Mar 2021 08:21:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616685663; cv=none; d=google.com; s=arc-20160816; b=Wry6AfFv4/YgYdWJse7hmL8nnupr901lEVhBdq6zIQ34QZSmuXKp9HUHGsmHAkZemI IhGDr6TNXq90UrUnYCa+l2mxGKhPZwzi+wG7dpp/kw4e58GH2fF7uHj4icmdRGhCy5wn WQpl1tcLV+3ak6ssgUGqCz0Zlh+hsIyIPWqd6j+ZlLaZlQVUQDtb3G8BJoGfeJfw+YPL +/McfDxlpJi0UQcKXbkzRWHNNDUb24rqmMds87SdYaZtdhOiSyeXafMBXx7OMkKRlUgw 0hmShFy7IyVluDcpfzkWnQciF24VoVDqmIf20fh+X9X6qMeswzrwq79UnURm0DqEl57g jdyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=7MNlH2ghOdmhiqcKF78/OwHndghS622I9hXiGUvAD1k=; b=XXRKgnzwlbYShLxZLWa5w6dopj7tNFc8LjX1z7GKU5IZslNAmBP9ZkwIfQrc35VYS/ eHHQn+m461485C4+Bo9QQlwjFXkQhulqg6EKoLuPqEQO3RkpyLZRmoOTwaIL61Axb52F Em5o4VIywUcyjY6F5e/rH+fyhTO6zWJHv3umQIkjRkIlX6i7sZTF29RFLi4B4Zkggd6t 8CjZzD+tBUitV+II2TaBOu9sA8VHRRv/06LAR8yBSsqAJKd6RGx7ZmznAZcsDNwsLc4B QKy75KAVn7wYZaMqnNMViMnAF9kU2q971Is4kEGfr8248PVMEUgrKfMdDwRMeF9zFXwm lpsQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DmGF6SaA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f4si4424576ejf.359.2021.03.25.08.20.39; Thu, 25 Mar 2021 08:21:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DmGF6SaA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231352AbhCYPTS (ORCPT + 99 others); Thu, 25 Mar 2021 11:19:18 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:47800 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230517AbhCYPTG (ORCPT ); Thu, 25 Mar 2021 11:19:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1616685543; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=7MNlH2ghOdmhiqcKF78/OwHndghS622I9hXiGUvAD1k=; b=DmGF6SaAHh+acf2Wx7rFV59t7V/P+pJ93QCXWNifDqegzzfbE5kcf8XEQZUtBZ3QuCbZUp xWyFe1VFEmEw0/i3phlOkGKdE5NWNPrueKfOiO9LwV3aMx3FLE1Z0Xw9j1Kb3j5Sed8q4H l1kNR7KlwPQK1TtgPN6vOYzD7ruJbLM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-309-oXtED4M9OZq8MV8t9xxUjw-1; Thu, 25 Mar 2021 11:18:59 -0400 X-MC-Unique: oXtED4M9OZq8MV8t9xxUjw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2392096E551; Thu, 25 Mar 2021 15:18:58 +0000 (UTC) Received: from horse.redhat.com (ovpn-118-78.rdu2.redhat.com [10.10.118.78]) by smtp.corp.redhat.com (Postfix) with ESMTP id E4CC976E35; Thu, 25 Mar 2021 15:18:45 +0000 (UTC) Received: by horse.redhat.com (Postfix, from userid 10451) id 6DBBC220BCF; Thu, 25 Mar 2021 11:18:45 -0400 (EDT) From: Vivek Goyal To: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, virtio-fs@redhat.com, miklos@szeredi.hu Cc: vgoyal@redhat.com, lhenriques@suse.de, dgilbert@redhat.com, seth.forshee@canonical.com Subject: [PATCH v2 0/2] fuse: Fix clearing SGID when access ACL is set Date: Thu, 25 Mar 2021 11:18:21 -0400 Message-Id: <20210325151823.572089-1-vgoyal@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, This is V2 of the patchset. Posted V1 here. https://lore.kernel.org/linux-fsdevel/20210319195547.427371-1-vgoyal@redhat.com/ Changes since V1: - Dropped the helper to determine if SGID should be cleared and open coded it instead. I will follow up on helper separately in a different patch series. There are few places already which open code this, so for now fuse can do the same. Atleast I can make progress on this and virtiofs can enable ACL support. Luis reported that xfstests generic/375 fails with virtiofs. Little debugging showed that when posix access acl is set that in some cases SGID needs to be cleared and that does not happen with virtiofs. Setting posix access acl can lead to mode change and it can also lead to clear of SGID. fuse relies on file server taking care of all the mode changes. But file server does not have enough information to determine whether SGID should be cleared or not. Hence this patch series add support to send a flag in SETXATTR message to tell server to clear SGID. I have staged corresponding virtiofsd patches here. https://github.com/rhvgoyal/qemu/commits/acl-sgid-setxattr-flag With these patches applied "./check -g acl" passes now on virtiofs. Thanks Vivek Vivek Goyal (2): fuse: Add support for FUSE_SETXATTR_V2 fuse: Add a flag FUSE_SETXATTR_ACL_KILL_SGID to kill SGID fs/fuse/acl.c | 8 +++++++- fs/fuse/fuse_i.h | 5 ++++- fs/fuse/inode.c | 4 +++- fs/fuse/xattr.c | 21 +++++++++++++++------ include/uapi/linux/fuse.h | 17 +++++++++++++++++ 5 files changed, 46 insertions(+), 9 deletions(-) -- 2.25.4