• Jan Kara's avatar
    fs: Call security_ops->inode_killpriv on truncate · 45f147a1
    Jan Kara authored
    Comment in include/linux/security.h says that ->inode_killpriv() should
    be called when setuid bit is being removed and that similar security
    labels (in fact this applies only to file capabilities) should be
    removed at this time as well. However we don't call ->inode_killpriv()
    when we remove suid bit on truncate.
    
    We fix the problem by calling ->inode_need_killpriv() and subsequently
    ->inode_killpriv() on truncate the same way as we do it on file write.
    
    After this patch there's only one user of should_remove_suid() - ocfs2 -
    and indeed it's buggy because it doesn't call ->inode_killpriv() on
    write. However fixing it is difficult because of special locking
    constraints.
    Signed-off-by: default avatarJan Kara <jack@suse.cz>
    Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
    45f147a1
inode.c 52.4 KB