2022-04-15 22:05:08

by Yang Xu (Fujitsu)

[permalink] [raw]
Subject: [PATCH v3 5/7] fs: Add new helper prepare_mode

As Christian Brauner suggested, add a new helper calls inode_sgid_strip()
and does the umask stripping as well and then call it in all these places.

This api is introduced to support strip file's S_ISGID mode on vfs instead
of on underlying filesystem.

Suggested-by: Christian Brauner (Microsoft) <[email protected]>
Signed-off-by: Yang Xu <[email protected]>
---
include/linux/fs.h | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index 4a617aaab6f6..8c2f4cde974b 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -3458,6 +3458,15 @@ static inline bool dir_relax_shared(struct inode *inode)
return !IS_DEADDIR(inode);
}

+static inline void prepare_mode(struct user_namespace *mnt_userns,
+ const struct inode *dir, umode_t *mode)
+{
+ inode_sgid_strip(mnt_userns, dir, mode);
+
+ if (!IS_POSIXACL(dir))
+ *mode &= ~current_umask();
+}
+
extern bool path_noexec(const struct path *path);
extern void inode_nohighmem(struct inode *inode);

--
2.27.0


2022-04-16 02:38:27

by Christian Brauner

[permalink] [raw]
Subject: Re: [PATCH v3 5/7] fs: Add new helper prepare_mode

On Fri, Apr 15, 2022 at 07:02:21PM +0800, Yang Xu wrote:
> As Christian Brauner suggested, add a new helper calls inode_sgid_strip()
> and does the umask stripping as well and then call it in all these places.
>
> This api is introduced to support strip file's S_ISGID mode on vfs instead
> of on underlying filesystem.
>
> Suggested-by: Christian Brauner (Microsoft) <[email protected]>
> Signed-off-by: Yang Xu <[email protected]>
> ---

I don't think this needs to be a separate patch especially since the
helper is not in any header file. So just squah patch 5 and 6 imho.

> include/linux/fs.h | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/include/linux/fs.h b/include/linux/fs.h
> index 4a617aaab6f6..8c2f4cde974b 100644
> --- a/include/linux/fs.h
> +++ b/include/linux/fs.h
> @@ -3458,6 +3458,15 @@ static inline bool dir_relax_shared(struct inode *inode)
> return !IS_DEADDIR(inode);
> }
>
> +static inline void prepare_mode(struct user_namespace *mnt_userns,
> + const struct inode *dir, umode_t *mode)
> +{
> + inode_sgid_strip(mnt_userns, dir, mode);
> +
> + if (!IS_POSIXACL(dir))
> + *mode &= ~current_umask();
> +}
> +
> extern bool path_noexec(const struct path *path);
> extern void inode_nohighmem(struct inode *inode);
>
> --
> 2.27.0
>