[6.1,0/5] Backport v6.2 SGID fixes to LTS 6.1

Message ID	20230223152044.1064909-1-amir73il@gmail.com (mailing list archive)
Headers	show Return-Path: <linux-fsdevel-owner@vger.kernel.org> From: Amir Goldstein <amir73il@gmail.com> To: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Sasha Levin <sashal@kernel.org>, Christian Brauner <brauner@kernel.org>, Miklos Szeredi <miklos@szeredi.hu>, linux-fsdevel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH 6.1 0/5] Backport v6.2 SGID fixes to LTS 6.1 Date: Thu, 23 Feb 2023 17:20:39 +0200 Message-Id: <20230223152044.1064909-1-amir73il@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Backport v6.2 SGID fixes to LTS 6.1 \| expand [6.1,0/5] Backport v6.2 SGID fixes to LTS 6.1 [6.1,1/5] attr: add in_group_or_capable() [6.1,2/5] fs: move should_remove_suid() [6.1,3/5] attr: add setattr_should_drop_sgid() [6.1,4/5] attr: use consistent sgid stripping checks [6.1,5/5] fs: use consistent setgid checks in is_sxid()

Message ID

20230223152044.1064909-1-amir73il@gmail.com (mailing list archive)

Headers

From: Amir Goldstein <amir73il@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Sasha Levin <sashal@kernel.org>,
        Christian Brauner <brauner@kernel.org>,
        Miklos Szeredi <miklos@szeredi.hu>,
        linux-fsdevel@vger.kernel.org, stable@vger.kernel.org
Subject: [PATCH 6.1 0/5] Backport v6.2 SGID fixes to LTS 6.1
Date: Thu, 23 Feb 2023 17:20:39 +0200
Message-Id: <20230223152044.1064909-1-amir73il@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Backport v6.2 SGID fixes to LTS 6.1 | expand

Message

Amir Goldstein Feb. 23, 2023, 3:20 p.m. UTC

Greg,

Following are backports of Christian's SGID fixes that were merged to
v6.2-rc1.

Note that Christain's PR [1] contains also two ovl patches (from me).
Those two are independent fixes that have already been AUTOSELected
to 6.1.y.

Christain's fixes also contain a user observable change of behavior
to fix inconsistencies of behavior between chmod/chown and write.
This change is best described in Christain's commit to fix the expected
behavior in xfstests [2].

It is hoped that no applications rely on this minor behavioral
difference, and if we are wrong, we may need to party revert the
change, but in any case, we prefer the behavior of LTS kernels to be
consitent with that of upstream.

I ran the relevant fstests test groups on xfs and on overlayfs over xfs.

I also have backports that I prepared for 5.15 and 5.10, but those
backports include also xfs SGID fixes, so those need to go through the
xfs stable review process.

Thanks,
Amir.

[1] https://lore.kernel.org/linux-fsdevel/20221212112053.99208-1-brauner@kernel.org/
[2] https://lore.kernel.org/linux-fsdevel/20230103-fstests-setgid-v6-2-v3-1-5950c139bfcc@kernel.org/

Christian Brauner (5):
  attr: add in_group_or_capable()
  fs: move should_remove_suid()
  attr: add setattr_should_drop_sgid()
  attr: use consistent sgid stripping checks
  fs: use consistent setgid checks in is_sxid()

 Documentation/trace/ftrace.rst |  2 +-
 fs/attr.c                      | 74 +++++++++++++++++++++++++++++++---
 fs/fuse/file.c                 |  2 +-
 fs/inode.c                     | 64 +++++++++++++----------------
 fs/internal.h                  | 10 ++++-
 fs/ocfs2/file.c                |  4 +-
 fs/open.c                      |  8 ++--
 include/linux/fs.h             |  4 +-
 8 files changed, 115 insertions(+), 53 deletions(-)

Comments

Greg Kroah-Hartman Feb. 28, 2023, 6:44 p.m. UTC | #1

On Thu, Feb 23, 2023 at 05:20:39PM +0200, Amir Goldstein wrote:
> Greg,
> 
> Following are backports of Christian's SGID fixes that were merged to
> v6.2-rc1.
> 
> Note that Christain's PR [1] contains also two ovl patches (from me).
> Those two are independent fixes that have already been AUTOSELected
> to 6.1.y.
> 
> Christain's fixes also contain a user observable change of behavior
> to fix inconsistencies of behavior between chmod/chown and write.
> This change is best described in Christain's commit to fix the expected
> behavior in xfstests [2].
> 
> It is hoped that no applications rely on this minor behavioral
> difference, and if we are wrong, we may need to party revert the
> change, but in any case, we prefer the behavior of LTS kernels to be
> consitent with that of upstream.
> 
> I ran the relevant fstests test groups on xfs and on overlayfs over xfs.
> 
> I also have backports that I prepared for 5.15 and 5.10, but those
> backports include also xfs SGID fixes, so those need to go through the
> xfs stable review process.

All now queued up, thanks.

greg k-h