/* getroot.c: get the root dentry for an NFS mount * * Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "internal.h" #define NFSDBG_FACILITY NFSDBG_CLIENT /* * Set the superblock root dentry. * Note that this function frees the inode in case of error. */ static int nfs_superblock_set_dummy_root(struct super_block *sb, struct inode *inode) { /* The mntroot acts as the dummy root dentry for this superblock */ if (sb->s_root == NULL) { sb->s_root = d_make_root(inode); if (sb->s_root == NULL) return -ENOMEM; ihold(inode); /* * Ensure that this dentry is invisible to d_find_alias(). * Otherwise, it may be spliced into the tree by * d_splice_alias if a parent directory from the same * filesystem gets mounted at a later time. * This again causes shrink_dcache_for_umount_subtree() to * Oops, since the test for IS_ROOT() will fail. */ spin_lock(&d_inode(sb->s_root)->i_lock); spin_lock(&sb->s_root->d_lock); hlist_del_init(&sb->s_root->d_u.d_alias); spin_unlock(&sb->s_root->d_lock); spin_unlock(&d_inode(sb->s_root)->i_lock); } return 0; } /* * get an NFS2/NFS3 root dentry from the root filehandle */ struct dentry *nfs_get_root(struct super_block *sb, struct nfs_fh *mntfh, const char *devname) { struct nfs_server *server = NFS_SB(sb); struct nfs_fsinfo fsinfo; struct dentry *ret; struct inode *inode; void *name = kstrdup(devname, GFP_KERNEL); int error; if (!name) return ERR_PTR(-ENOMEM); /* get the actual root for this mount */ fsinfo.fattr = nfs_alloc_fattr(); if (fsinfo.fattr == NULL) { kfree(name); return ERR_PTR(-ENOMEM); } error = server->nfs_client->rpc_ops->getroot(server, mntfh, &fsinfo); if (error < 0) { dprintk("nfs_get_root: getattr error = %d\n", -error); ret = ERR_PTR(error); goto out; } inode = nfs_fhget(sb, mntfh, fsinfo.fattr, NULL); if (IS_ERR(inode)) { dprintk("nfs_get_root: get root inode failed\n"); ret = ERR_CAST(inode); goto out; } error = nfs_superblock_set_dummy_root(sb, inode); if (error != 0) { ret = ERR_PTR(error); goto out; } /* root dentries normally start off anonymous and get spliced in later * if the dentry tree reaches them; however if the dentry already * exists, we'll pick it up at this point and use it as the root */ ret = d_obtain_root(inode); if (IS_ERR(ret)) { dprintk("nfs_get_root: get root dentry failed\n"); goto out; } security_d_instantiate(ret, inode); spin_lock(&ret->d_lock); if (IS_ROOT(ret) && !ret->d_fsdata && !(ret->d_flags & DCACHE_NFSFS_RENAMED)) { ret->d_fsdata = name; name = NULL; } spin_unlock(&ret->d_lock); out: kfree(name); nfs_free_fattr(fsinfo.fattr); return ret; }
context:
space:
mode:
authorGu Zheng <guzheng1@huawei.com>2017-01-09 09:34:48 +0800
committerAl Viro <viro@zeniv.linux.org.uk>2017-01-10 01:29:48 -0500
commit497de07d89c1410d76a15bec2bb41f24a2a89f31 (patch)
treefc00cca2a3a7eadf35ace0b9e8e824e83afe7f54 /tools/include/uapi
parentb4b8664d291ac1998e0f0bcdc96b6397f0fe68b3 (diff)
tmpfs: clear S_ISGID when setting posix ACLs
This change was missed the tmpfs modification in In CVE-2016-7097 commit 073931017b49 ("posix_acl: Clear SGID bit when setting file permissions") It can test by xfstest generic/375, which failed to clear setgid bit in the following test case on tmpfs: touch $testfile chown 100:100 $testfile chmod 2755 $testfile _runas -u 100 -g 101 -- setfacl -m u::rwx,g::rwx,o::rwx $testfile Signed-off-by: Gu Zheng <guzheng1@huawei.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'tools/include/uapi')