[RFC PATCH v3 06/18] fs: Split off remove_needs_file_privs() __remove_file_privs()

public inbox for [email protected]
 help / color / mirror / Atom feed

From: Stefan Roesch <[email protected]>
To: <[email protected]>, <[email protected]>,
	<[email protected]>, <[email protected]>,
	<[email protected]>
Cc: <[email protected]>, <[email protected]>, <[email protected]>
Subject: [RFC PATCH v3 06/18] fs: Split off remove_needs_file_privs() __remove_file_privs()
Date: Wed, 18 May 2022 16:36:57 -0700	[thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>

This splits off the function remove_needs_file_privs() from the function
__remove_file_privs() from the function file_remove_privs().

No intended functional changes in this patch.

Signed-off-by: Stefan Roesch <[email protected]>
---
 fs/inode.c | 75 +++++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 55 insertions(+), 20 deletions(-)

diff --git a/fs/inode.c b/fs/inode.c
index 9d9b422504d1..1bb8b7db836f 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -2010,17 +2010,8 @@ static int __remove_privs(struct user_namespace *mnt_userns,
 	return notify_change(mnt_userns, dentry, &newattrs, NULL);
 }
 
-/*
- * Remove special file priviledges (suid, capabilities) when file is written
- * to or truncated.
- */
-int file_remove_privs(struct file *file)
+static int file_needs_remove_privs(struct inode *inode, struct dentry *dentry)
 {
-	struct dentry *dentry = file_dentry(file);
-	struct inode *inode = file_inode(file);
-	int kill;
-	int error = 0;
-
 	/*
 	 * Fast path for nothing security related.
 	 * As well for non-regular files, e.g. blkdev inodes.
@@ -2030,16 +2021,42 @@ int file_remove_privs(struct file *file)
 	if (IS_NOSEC(inode) || !S_ISREG(inode->i_mode))
 		return 0;
 
-	kill = dentry_needs_remove_privs(dentry);
-	if (kill < 0)
-		return kill;
-	if (kill)
-		error = __remove_privs(file_mnt_user_ns(file), dentry, kill);
+	return dentry_needs_remove_privs(dentry);
+}
+
+static int __file_remove_privs(struct file *file, struct inode *inode,
+			struct dentry *dentry, int kill)
+{
+	int error = 0;
+
+	error = __remove_privs(file_mnt_user_ns(file), dentry, kill);
 	if (!error)
 		inode_has_no_xattr(inode);
 
 	return error;
 }
+
+/**
+ * file_remove_privs - remove special file privileges (suid, capabilities)
+ * @file: file to remove privileges from
+ *
+ * When file is modified by a write or truncation ensure that special
+ * file privileges are removed.
+ *
+ * Return: 0 on success, negative errno on failure.
+ */
+int file_remove_privs(struct file *file)
+{
+	struct dentry *dentry = file_dentry(file);
+	struct inode *inode = file_inode(file);
+	int kill;
+
+	kill = file_needs_remove_privs(inode, dentry);
+	if (kill <= 0)
+		return kill;
+
+	return __file_remove_privs(file, inode, dentry, kill);
+}
 EXPORT_SYMBOL(file_remove_privs);
 
 /**
@@ -2090,18 +2107,36 @@ int file_update_time(struct file *file)
 }
 EXPORT_SYMBOL(file_update_time);
 
-/* Caller must hold the file's inode lock */
+/**
+ * file_modified - handle mandated vfs changes when modifying a file
+ * @file: file that was modified
+ *
+ * When file has been modified ensure that special
+ * file privileges are removed and time settings are updated.
+ *
+ * Context: Caller must hold the file's inode lock.
+ *
+ * Return: 0 on success, negative errno on failure.
+ */
 int file_modified(struct file *file)
 {
-	int err;
+	int ret;
+	struct dentry *dentry = file_dentry(file);
+	struct inode *inode = file_inode(file);
 
 	/*
 	 * Clear the security bits if the process is not being run by root.
 	 * This keeps people from modifying setuid and setgid binaries.
 	 */
-	err = file_remove_privs(file);
-	if (err)
-		return err;
+	ret = file_needs_remove_privs(inode, dentry);
+	if (ret < 0)
+		return ret;
+
+	if (ret > 0) {
+		ret = __file_remove_privs(file, inode, dentry, ret);
+		if (ret)
+			return ret;
+	}
 
 	if (unlikely(file->f_mode & FMODE_NOCMTIME))
 		return 0;
-- 
2.30.2

next prev parent reply	other threads:[~2022-05-18 23:38 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-18 23:36 [RFC PATCH v3 00/18] io-uring/xfs: support async buffered writes Stefan Roesch
2022-05-18 23:36 ` [RFC PATCH v3 01/18] block: Add check for async buffered writes to generic_write_checks Stefan Roesch
2022-05-18 23:36 ` [RFC PATCH v3 02/18] iomap: Add iomap_page_create_gfp to allocate iomap_pages Stefan Roesch
2022-05-19  8:18   ` Christoph Hellwig
2022-05-18 23:36 ` [RFC PATCH v3 03/18] iomap: Use iomap_page_create_gfp() in __iomap_write_begin Stefan Roesch
2022-05-19  8:19   ` Christoph Hellwig
2022-05-18 23:36 ` [RFC PATCH v3 04/18] iomap: Add async buffered write support Stefan Roesch
2022-05-19  8:25   ` Christoph Hellwig
2022-05-20 18:29     ` Stefan Roesch
2022-05-18 23:36 ` [RFC PATCH v3 05/18] xfs: Add iomap " Stefan Roesch
2022-05-18 23:36 ` Stefan Roesch [this message]
2022-05-18 23:36 ` [RFC PATCH v3 07/18] fs: Split off file_needs_update_time and __file_update_time Stefan Roesch
2022-05-18 23:36 ` [RFC PATCH v3 08/18] xfs: Enable async write file modification handling Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 09/18] fs: Optimization for concurrent file time updates Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 10/18] xfs: Add async buffered write support Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 11/18] io_uring: Add support for async buffered writes Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 12/18] mm: Move starting of background writeback into the main balancing loop Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 13/18] mm: Move updates of dirty_exceeded into one place Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 14/18] mm: Prepare balance_dirty_pages() for async buffered writes Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 15/18] mm: Add balance_dirty_pages_ratelimited_async() function Stefan Roesch
     [not found]   ` <YoX/[email protected]>
2022-05-19  8:54     ` Jan Kara
2022-05-18 23:37 ` [RFC PATCH v3 16/18] iomap: Use balance_dirty_pages_ratelimited_flags in iomap_write_iter Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 17/18] io_uring: Add tracepoint for short writes Stefan Roesch
2022-05-18 23:37 ` [RFC PATCH v3 18/18] xfs: Enable async buffered write support Stefan Roesch
2022-05-19  8:32   ` Christoph Hellwig
2022-05-20 18:32     ` Stefan Roesch

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9d9b422504d dfblob:1bb8b7db836 )
 OR (
bs:"[RFC PATCH v3 06/18] fs: Split off remove_needs_file_privs() __remove_file_privs()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox