diff options
author | Vivek Goyal <vgoyal@redhat.com> | 2020-10-09 14:15:08 -0400 |
---|---|---|
committer | Miklos Szeredi <mszeredi@redhat.com> | 2020-11-11 17:22:33 +0100 |
commit | b866739596ae3c3c60c43f1cf04a516c5aa20fd1 (patch) | |
tree | f069020d9cdb3f3ba378bc97650605ab7369a84b /fs/fuse | |
parent | 10c52c84e3f4872689a64ac7666b34d67e630691 (diff) | |
download | lwn-b866739596ae3c3c60c43f1cf04a516c5aa20fd1.tar.gz lwn-b866739596ae3c3c60c43f1cf04a516c5aa20fd1.zip |
fuse: set FUSE_WRITE_KILL_SUIDGID in cached write path
With HANDLE_KILLPRIV_V2, server will need to kill suid/sgid if caller does
not have CAP_FSETID. We already have a flag FUSE_WRITE_KILL_SUIDGID in
WRITE request and we already set it in direct I/O path.
To make it work in cached write path also, start setting
FUSE_WRITE_KILL_SUIDGID in this path too.
Set it only if fc->handle_killpriv_v2 is set. Otherwise client is
responsible for kill suid/sgid.
In case of direct I/O we set FUSE_WRITE_KILL_SUIDGID unconditionally
because we don't call file_remove_privs() in that path (with cache=none
option).
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs/fuse')
-rw-r--r-- | fs/fuse/file.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 603af847d596..24b201c4d9a9 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -1097,6 +1097,8 @@ static ssize_t fuse_send_write_pages(struct fuse_io_args *ia, fuse_write_args_fill(ia, ff, pos, count); ia->write.in.flags = fuse_write_flags(iocb); + if (fm->fc->handle_killpriv_v2 && !capable(CAP_FSETID)) + ia->write.in.write_flags |= FUSE_WRITE_KILL_SUIDGID; err = fuse_simple_request(fm, &ap->args); if (!err && ia->write.out.size > count) |