From: Greg KH <gregkh@linuxfoundation.org>
To: Varsha Teratipally <teratipally@google.com>
Cc: Amir Goldstein <amir73il@gmail.com>,
"Darrick J. Wong" <djwong@kernel.org>,
linux-xfs@vger.kernel.org, linux-kernel@vger.kernel.org,
stable@vger.kernel.org, Christoph Hellwig <hch@lst.de>,
Christian Brauner <christian.brauner@ubuntu.com>
Subject: Re: [PATCH] xfs: fix up non-directory creation in SGID directories
Date: Thu, 8 Sep 2022 13:48:27 +0200 [thread overview]
Message-ID: <YxnWi5YcuY6Rbodt@kroah.com> (raw)
In-Reply-To: <20220906183600.1926315-2-teratipally@google.com>
On Tue, Sep 06, 2022 at 06:36:00PM +0000, Varsha Teratipally wrote:
> From: Christoph Hellwig <hch@lst.de>
>
> XFS always inherits the SGID bit if it is set on the parent inode, while
> the generic inode_init_owner does not do this in a few cases where it can
> create a possible security problem, see commit 0fa3ecd87848
> ("Fix up non-directory creation in SGID directories") for details.
>
> Switch XFS to use the generic helper for the normal path to fix this,
> just keeping the simple field inheritance open coded for the case of the
> non-sgid case with the bsdgrpid mount option.
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Reported-by: Christian Brauner <christian.brauner@ubuntu.com>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Reviewed-by: Darrick J. Wong <djwong@kernel.org>
> Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Why did you not sign off on this if you are forwarding it on?
Also, what is the git id of this commit in Linus's tree (we need that
hint...)
Please fix both up and resend and get the ack of the stable xfs
developers on it as well.
thanks,
greg k-h
next prev parent reply other threads:[~2022-09-08 11:48 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-06 18:35 Request to cherry-pick 01ea173e103edd5ec41acec65b9261b87e123fc2 to v5.10 Varsha Teratipally
2022-09-06 18:36 ` [PATCH] xfs: fix up non-directory creation in SGID directories Varsha Teratipally
2022-09-06 18:37 ` kernel test robot
2022-09-07 7:40 ` Amir Goldstein
2022-09-07 7:43 ` Amir Goldstein
2022-09-08 11:48 ` Greg KH [this message]
2022-09-08 12:02 ` Amir Goldstein
2022-09-14 16:39 ` Darrick J. Wong
2022-09-07 7:46 ` Request to cherry-pick 01ea173e103edd5ec41acec65b9261b87e123fc2 to v5.10 Amir Goldstein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YxnWi5YcuY6Rbodt@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=amir73il@gmail.com \
--cc=christian.brauner@ubuntu.com \
--cc=djwong@kernel.org \
--cc=hch@lst.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=teratipally@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox