From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from cantor2.suse.de ([195.135.220.15]:46800 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753164AbbESIgU (ORCPT ); Tue, 19 May 2015 04:36:20 -0400
Date: Tue, 19 May 2015 10:36:15 +0200
From: Jan Kara
To: Linus Torvalds
Cc: Jan Kara, Al Viro, stable
Subject: Re: [PATCH] fs: Fix S_NOSEC handling
Message-ID: <20150519083615.GC12901@quack.suse.cz>
References: <1417644091-17334-1-git-send-email-jack@suse.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To:
Sender: stable-owner@vger.kernel.org
List-ID:

On Mon 18-05-15 12:55:37, Linus Torvalds wrote:
> Going through old emails.
>
> This never went anywhere - Al?

No. Later it became part of a larger series
(http://oss.sgi.com/archives/xfs/2015-03/msg00051.html) but Al never got to
merging it.

> That said, the patch looks dubious. If nothing else, shouldn't it use
> the helper function we have, and do something like
>
>     if (!error)
>         inode_has_no_xattr(inode);
>
> instead?

Yeah, using inode_has_no_xattr() is a good idea. I wasn't aware of that
helper. I'll update the patch and resend.

Honza

> On Wed, Dec 3, 2014 at 2:01 PM, Jan Kara wrote:
> > file_remove_suid() could mistakenly set S_NOSEC inode bit when root was
> > modifying the file. As a result following writes to the file by ordinary
> > user would avoid clearing suid or sgid bits.
> >
> > Fix the bug by checking actual mode bits before setting S_NOSEC.
> >
> > CC: stable@vger.kernel.org
> > Signed-off-by: Jan Kara
> > ---
> > fs/inode.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/fs/inode.c b/fs/inode.c > > index 26753ba7b6d6..f5e01704a5c8 100644 > > --- a/fs/inode.c > > +++ b/fs/inode.c
> > @@ -1631,7 +1631,8 @@ int file_remove_suid(struct file *file) > > error = security_inode_killpriv(dentry); > > if (!error && killsuid) > > error = __remove_suid(dentry, killsuid); > > - if (!error && (inode->i_sb->s_flags & MS_NOSEC)) > > + if (!error && (inode->i_sb->s_flags & MS_NOSEC) && > > + !is_sxid(inode->i_mode)) > > inode->i_flags |= S_NOSEC; > > > > return error; > > -- > > 1.8.1.4 > > -- Jan Kara SUSE Labs, CR
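Review bot: the widened condition guarding `inode->i_flags |= S_NOSEC;` in file_remove_suid() open-codes the two tests (`MS_NOSEC` on the superblock and `!is_sxid(inode->i_mode)`) that the existing helper named in the reply above already performs, so replacing the whole `if` with `if (!error) inode_has_no_xattr(inode);` would keep the rule for when S_NOSEC may be cached in a single place. A short comment at this spot would also help, stating why the mode bits are re-checked after `__remove_suid()`: per the commit message, a write by root can leave the suid or sgid bits set, and caching S_NOSEC at that point lets later writes by an ordinary user skip clearing them.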