Message ID | 1650020543-24908-5-git-send-email-xuyang2018.jy@fujitsu.com |
---|---|
State | New |
Headers | show |
Series | None | expand |
On Fri, Apr 15, 2022 at 07:02:21PM +0800, Yang Xu wrote: > As Christian Brauner suggested, add a new helper calls inode_sgid_strip() > and does the umask stripping as well and then call it in all these places. > > This api is introduced to support strip file's S_ISGID mode on vfs instead > of on underlying filesystem. > > Suggested-by: Christian Brauner (Microsoft) <brauner@kernel.org> > Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com> > --- I don't think this needs to be a separate patch especially since the helper is not in any header file. So just squah patch 5 and 6 imho. > include/linux/fs.h | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/include/linux/fs.h b/include/linux/fs.h > index 4a617aaab6f6..8c2f4cde974b 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -3458,6 +3458,15 @@ static inline bool dir_relax_shared(struct inode *inode) > return !IS_DEADDIR(inode); > } > > +static inline void prepare_mode(struct user_namespace *mnt_userns, > + const struct inode *dir, umode_t *mode) > +{ > + inode_sgid_strip(mnt_userns, dir, mode); > + > + if (!IS_POSIXACL(dir)) > + *mode &= ~current_umask(); > +} > + > extern bool path_noexec(const struct path *path); > extern void inode_nohighmem(struct inode *inode); > > -- > 2.27.0 >
diff --git a/include/linux/fs.h b/include/linux/fs.h index 4a617aaab6f6..8c2f4cde974b 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3458,6 +3458,15 @@ static inline bool dir_relax_shared(struct inode *inode) return !IS_DEADDIR(inode); } +static inline void prepare_mode(struct user_namespace *mnt_userns, + const struct inode *dir, umode_t *mode) +{ + inode_sgid_strip(mnt_userns, dir, mode); + + if (!IS_POSIXACL(dir)) + *mode &= ~current_umask(); +} + extern bool path_noexec(const struct path *path); extern void inode_nohighmem(struct inode *inode);
As Christian Brauner suggested, add a new helper calls inode_sgid_strip() and does the umask stripping as well and then call it in all these places. This api is introduced to support strip file's S_ISGID mode on vfs instead of on underlying filesystem. Suggested-by: Christian Brauner (Microsoft) <brauner@kernel.org> Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com> --- include/linux/fs.h | 9 +++++++++ 1 file changed, 9 insertions(+)