[PATCH 13/16] fuse2fs: fix in_file_group missing the primary process gid

Linux EXT4 FS development
 help / color / mirror / Atom feed

From: "Darrick J. Wong" <djwong@kernel.org>
To: tytso@mit.edu
Cc: linux-ext4@vger.kernel.org, linux-ext4@vger.kernel.org
Subject: [PATCH 13/16] fuse2fs: fix in_file_group missing the primary process gid
Date: Thu, 16 Oct 2025 08:43:11 -0700	[thread overview]
Message-ID: <176062915701.3343688.8714211042480698391.stgit@frogsfrogsfrogs> (raw)
In-Reply-To: <176062915393.3343688.9810444125172113159.stgit@frogsfrogsfrogs>

From: Darrick J. Wong <djwong@kernel.org>

I forgot that Unix processes have both a primary group id and a list of
supplementary group ids.  The primary is provided by the fuse client;
the supplemental groups are noted by the Groups: field of
/proc/self/status.

If a process does not have /any/ supplemental group ids, then
in_file_group returns the wrong answer if the inode gid matches the
group id provided by the fuse client because it doesn't check that
anymore.  Make it so the primary group id check always happens.

Found by generic/375.

Cc: <linux-ext4@vger.kernel.org> # v1.47.3
Fixes: 3469e6ff606af8 ("fuse2fs: fix group membership checking in op_chmod")
Signed-off-by: "Darrick J. Wong" <djwong@kernel.org>
---
 misc/fuse2fs.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index 0ecdd4f9e93225..b8db298cde202f 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -2303,10 +2303,14 @@ static int in_file_group(struct fuse_context *ctxt,
 	gid_t gid = inode_gid(*inode);
 	int ret;

+	/* If the inode gid matches the process' primary group, we're done. */
+	if (ctxt->gid == gid)
+		return 1;
+
 	ret = get_req_groups(ff, &gids, &nr_gids);
 	if (ret == -ENOENT) {
 		/* magic return code for "could not get caller group info" */
-		return ctxt->gid == inode_gid(*inode);
+		return 0;
 	}
 	if (ret < 0)
 		return ret;

next prev parent reply	other threads:[~2025-10-16 15:43 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-16 15:39 [PATCHSET] fuse2fs: round 6 bug fixes Darrick J. Wong
2025-10-16 15:40 ` [PATCH 01/16] debian/rules: remove extra pkg-config Darrick J. Wong
2025-10-16 15:40 ` [PATCH 02/16] libext2fs: use F_GETFL, not F_GETFD, in unixfd_open Darrick J. Wong
2025-10-16 15:40 ` [PATCH 03/16] libext2fs: don't look for O_EXCL in the F_GETFL output Darrick J. Wong
2025-10-16 15:40 ` [PATCH 04/16] libext2fs: fix ind_punch recursive block computation Darrick J. Wong
2025-10-16 15:41 ` [PATCH 05/16] libext2fs: the unixfd IO manager shouldn't close its fd Darrick J. Wong
2025-10-16 15:41 ` [PATCH 06/16] fuse2fs: update manpage Darrick J. Wong
2025-10-16 15:41 ` [PATCH 07/16] fuse2fs: quiet down EXT2_ET_RO_FILSYS errors Darrick J. Wong
2025-10-16 15:41 ` [PATCH 08/16] fuse2fs: free global_fs after a failed ext2fs_close call Darrick J. Wong
2025-10-16 15:42 ` [PATCH 09/16] fuse2fs: fix memory corruption when parsing mount options Darrick J. Wong
2025-10-16 15:42 ` [PATCH 10/16] fuse2fs: fix fssetxattr flags updates Darrick J. Wong
2025-10-16 15:42 ` [PATCH 11/16] fuse2fs: fix default acls propagating to non-dir children Darrick J. Wong
2025-10-16 15:42 ` [PATCH 12/16] fuse2fs: don't update atime when reading executable file content Darrick J. Wong
2025-10-16 15:43 ` Darrick J. Wong [this message]
2025-10-16 15:43 ` [PATCH 14/16] fuse2fs: work around EBUSY discard returns from dm-thinp Darrick J. Wong
2025-10-16 15:43 ` [PATCH 15/16] fuse2fs: check free space when creating a symlink Darrick J. Wong
2025-10-16 15:43 ` [PATCH 16/16] fuse2fs: spot check clean journals Darrick J. Wong
2025-10-20 20:26 ` [PATCH 17/16] fuse2fs: recheck support after replaying journal Darrick J. Wong
2025-10-20 20:26 ` [PATCH 18/16] fuse2fs: make norecovery behavior consistent with the kernel Darrick J. Wong
2025-10-20 20:27 ` [PATCH 19/16] fuse2fs: mount norecovery if main block device is readonly Darrick J. Wong
2025-10-21 13:22 ` [PATCHSET] fuse2fs: round 6 bug fixes Theodore Tso

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0ecdd4f9e9322 dfblob:b8db298cde202 )
 OR (
bs:"[PATCH 13/16] fuse2fs: fix in_file_group missing the primary process gid" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=176062915701.3343688.8714211042480698391.stgit@frogsfrogsfrogs \
    --to=djwong@kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox