[Virtio-fs] [PATCH 2/5] fuse: Set FUSE_WRITE_KILL_PRIV in cached write path
Vivek Goyal
vgoyal at redhat.com
Fri Jul 24 18:38:09 UTC 2020
If caller does not have CAP_FSETID, we set FUSE_WRITE_KILL_PRIV in direct
I/O path but not in cached write path. Set it there as well so that server
can clear suid/sgid/caps as needed.
Set it only if fc->handle_killpriv_v2 is set. Otherwise client is responsible
for kill suid/sgid. We do it direct I/O path anyway because we do't call
file_remove_privs() there (with cache=none option).
Signed-off-by: Vivek Goyal <vgoyal at redhat.com>
---
fs/fuse/file.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 83d917f7e542..57899afc7cba 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -1083,6 +1083,8 @@ static ssize_t fuse_send_write_pages(struct fuse_io_args *ia,
fuse_write_args_fill(ia, ff, pos, count);
ia->write.in.flags = fuse_write_flags(iocb);
+ if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
+ ia->write.in.write_flags |= FUSE_WRITE_KILL_PRIV;
err = fuse_simple_request(fc, &ap->args);
if (!err && ia->write.out.size > count)
--
2.25.4
More information about the Virtio-fs
mailing list