From patchwork Fri Apr 18 16:17:31 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Kinglong Mee X-Patchwork-Id: 4017101 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 9B236BFF02 for ; Fri, 18 Apr 2014 16:18:08 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id A94E420218 for ; Fri, 18 Apr 2014 16:18:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id C57902018E for ; Fri, 18 Apr 2014 16:18:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751736AbaDRQSE (ORCPT ); Fri, 18 Apr 2014 12:18:04 -0400 Received: from mail-pb0-f52.google.com ([209.85.160.52]:55260 "EHLO mail-pb0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751139AbaDRQSD (ORCPT ); Fri, 18 Apr 2014 12:18:03 -0400 Received: by mail-pb0-f52.google.com with SMTP id rr13so1617092pbb.11 for ; Fri, 18 Apr 2014 09:18:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=vOussx8LwNvvrzq43zvrCv0qVusA02uig9NnJcY+32A=; b=HI9f92rAYua1dgX0PscuoC1Zt64HaaOKffKJDu9gaU23tPD7ld+a0a++rknYnT9Gwp e4oLsx8wqODsVTPVsS+79vK809HRBV9NgmUpSa0CMwue5ge9aNdWAlYRMsrqxNTd5mPU 6E8TDQtj9pA+qIyyg5utTwQ3kcOaL+Tv3j3X5ffofNm1KLQWiMmSyn9YBnXRdwYaAfma 5Kb1IhNTqs30xX7bU76faxYomL1le0eSTQsU3vUaOrGcGSQ4hs/bCYvKha2ZOsm4OkRO A98Lz7pnIHpuMHNTDCwIrPJSgCFgz2ZZWS6ohv/V5/Timd9OhALvVj6ExMWCtiyq+A2E 2sSQ== X-Received: by 10.66.250.202 with SMTP id ze10mr2742749pac.153.1397837883343; Fri, 18 Apr 2014 09:18:03 -0700 (PDT) Received: from [192.168.0.102] ([171.208.185.170]) by mx.google.com with ESMTPSA id x5sm60787275pbw.26.2014.04.18.09.17.59 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 18 Apr 2014 09:18:01 -0700 (PDT) Message-ID: <5351501B.1010507@gmail.com> Date: Sat, 19 Apr 2014 00:17:31 +0800 From: Kinglong Mee User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: "J. Bruce Fields" CC: linux-nfs@vger.kernel.org Subject: [PATCH v2] NFSD: Don't clear SUID/SGID after root writing data References: <534AA92B.8010805@gmail.com> <20140418130220.GF18612@fieldses.org> <53512DE5.7050907@gmail.com> In-Reply-To: <53512DE5.7050907@gmail.com> Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP SUID/SGID is not cleared after writing data with (root, local ext4), #touch test; chmod 4777 test; stat test; echo 1234 > test; stat test; File: ‘test’ Size: 0 Blocks: 0 IO Block: 4096 regular empty file Device: 803h/2051d Inode: 1200137 Links: 1 Access: (4777/-rwsrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Context: unconfined_u:object_r:admin_home_t:s0 Access: 2014-04-18 21:36:31.016029014 +0800 Modify: 2014-04-18 21:36:31.016029014 +0800 Change: 2014-04-18 21:36:31.026030285 +0800 Birth: - File: ‘test’ Size: 5 Blocks: 8 IO Block: 4096 regular file Device: 803h/2051d Inode: 1200137 Links: 1 Access: (4777/-rwsrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Context: unconfined_u:object_r:admin_home_t:s0 Access: 2014-04-18 21:36:31.016029014 +0800 Modify: 2014-04-18 21:36:31.040032065 +0800 Change: 2014-04-18 21:36:31.040032065 +0800 Birth: - With no_root_squash, (root, remote ext4), SUID/SGID are cleared, #touch test; chmod 4777 test; stat test; echo 1234 > test; stat test; File: ‘test’ Size: 0 Blocks: 0 IO Block: 262144 regular empty file Device: 24h/36d Inode: 786439 Links: 1 Access: (4777/-rwsrwxrwx) Uid: ( 1000/ test) Gid: ( 1000/ test) Context: system_u:object_r:nfs_t:s0 Access: 2014-04-18 21:45:32.155805097 +0800 Modify: 2014-04-18 21:45:32.155805097 +0800 Change: 2014-04-18 21:45:32.168806749 +0800 Birth: - File: ‘test’ Size: 5 Blocks: 8 IO Block: 262144 regular file Device: 24h/36d Inode: 786439 Links: 1 Access: (0777/-rwxrwxrwx) Uid: ( 1000/ test) Gid: ( 1000/ test) Context: system_u:object_r:nfs_t:s0 Access: 2014-04-18 21:45:32.155805097 +0800 Modify: 2014-04-18 21:45:32.184808783 +0800 Change: 2014-04-18 21:45:32.184808783 +0800 Birth: - This patch drops codes that kills SGID/SUID visibly, because vfs_writev() can kills it if necessary. With this patch, the above problem will not exist. Signed-off-by: Kinglong Mee --- fs/nfsd/vfs.c | 18 ------------------ 1 file changed, 18 deletions(-) * there's a high chance this is another nfsd (triggered by a bulk write @@ -942,10 +928,6 @@ nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, nfsdstats.io_write += host_err; fsnotify_modify(file); - /* clear setuid/setgid flag after write */ - if (inode->i_mode & (S_ISUID | S_ISGID)) - kill_suid(dentry); - if (stable) { if (use_wgather) host_err = wait_for_concurrent_writes(file); diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 16f0673..6aaa305 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -857,20 +857,6 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, return err; } -static void kill_suid(struct dentry *dentry) -{ - struct iattr ia; - ia.ia_valid = ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; - - mutex_lock(&dentry->d_inode->i_mutex); - /* - * Note we call this on write, so notify_change will not - * encounter any conflicting delegations: - */ - notify_change(dentry, &ia, NULL); - mutex_unlock(&dentry->d_inode->i_mutex); -} - /* * Gathered writes: If another process is currently writing to the file,