[Qemu-devel] [PATCH] Preserve S_ISGID

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: "M. Mohan Kumar" <mohan@in.ibm.com>
To: qemu-devel@nongnu.org,
	"Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
Cc: "M. Mohan Kumar" <mohan@in.ibm.com>
Subject: [Qemu-devel] [PATCH] Preserve S_ISGID
Date: Tue, 27 Dec 2011 23:17:46 +0530	[thread overview]
Message-ID: <1325008066-12094-1-git-send-email-mohan@in.ibm.com> (raw)

From: "M. Mohan Kumar" <mohan@in.ibm.com>

In passthrough security model in local fs driver, after a file creation
chown and chmod are done to set the file credentials and mode as requested
by 9p client. But if there was a request to create a file with S_ISGID
bit, doing chown on that file resets the S_ISGID bit. So first call
chown and then invoking chmod with proper mode bit retains the S_ISGID
(if present/requested)

This resulted in LTP mknod02, mknod03, mknod05, open10 test case
failures. This patch fixes this issue.

man 2 chown
When the owner or group of an executable file are changed by an unprivileged
user the S_ISUID  and  S_ISGID mode  bits are cleared.  POSIX does not specify
whether this also should happen when root does the chown(); the Linux behavior
depends on the kernel version.

Signed-off-by: M. Mohan Kumar <mohan@in.ibm.com>
---
 hw/9pfs/virtio-9p-local.c |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c
index 3ae6ef2..3eb481d 100644
--- a/hw/9pfs/virtio-9p-local.c
+++ b/hw/9pfs/virtio-9p-local.c
@@ -115,9 +115,6 @@ static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
 {
     char buffer[PATH_MAX];

-    if (chmod(rpath(fs_ctx, path, buffer), credp->fc_mode & 07777) < 0) {
-        return -1;
-    }
     if (lchown(rpath(fs_ctx, path, buffer), credp->fc_uid,
                 credp->fc_gid) < 0) {
         /*
@@ -128,6 +125,10 @@ static int local_post_create_passthrough(FsContext *fs_ctx, const char *path,
             return -1;
         }
     }
+
+    if (chmod(rpath(fs_ctx, path, buffer), credp->fc_mode & 07777) < 0) {
+        return -1;
+    }
     return 0;
 }

-- 
1.7.6

                 reply	other threads:[~2011-12-27 17:48 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3ae6ef2 dfblob:3eb481d )
 OR (
bs:"[Qemu-devel] [PATCH] Preserve S_ISGID" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1325008066-12094-1-git-send-email-mohan@in.ibm.com \
    --to=mohan@in.ibm.com \
    --cc=aneesh.kumar@linux.vnet.ibm.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).