From: Darrick J. Wong <djwong@xxxxxxxxxx>

Let the kernel handle killing the suid/sgid bits because the write/falloc/truncate/chown code already does this, and we don't have to worry about external modifications that are only visible to the fuse server (i.e. we're not a cluster fs).

Signed-off-by: "Darrick J. Wong" <djwong@xxxxxxxxxx>
---
 fs/fuse/fuse_trace.h | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++
 fs/fuse/dir.c | 15 ++++++++++---
 2 files changed, 70 insertions(+), 3 deletions(-)

diff --git a/fs/fuse/fuse_trace.h b/fs/fuse/fuse_trace.h
index aea9ea0835d497..18606eb0bf8dd7 100644
--- a/fs/fuse/fuse_trace.h
+++ b/fs/fuse/fuse_trace.h
@@ -199,6 +199,64 @@ TRACE_EVENT(fuse_fileattr_update_inode,
 __entry->new_iflags)
 );
 
+TRACE_EVENT(fuse_setattr_fill,
+ TP_PROTO(const struct inode *inode,
+ const struct fuse_setattr_in *inarg),
+ TP_ARGS(inode, inarg),
+
+ TP_STRUCT__entry(
+ FUSE_INODE_FIELDS
+ __field(umode_t, mode)
+ __field(uint32_t, valid)
+ __field(umode_t, new_mode)
+ __field(uint64_t, new_size)
+ ),
+
+ TP_fast_assign(
+ FUSE_INODE_ASSIGN(inode, fi, fm);
+ __entry->mode = inode->i_mode;
+ __entry->valid = inarg->valid;
+ __entry->new_mode = inarg->mode;
+ __entry->new_size = inarg->size;
+ ),
+
+ TP_printk(FUSE_INODE_FMT " mode 0%o valid 0x%x new_mode 0%o new_size 0x%llx",
+ FUSE_INODE_PRINTK_ARGS,
+ __entry->mode,
+ __entry->valid,
+ __entry->new_mode,
+ __entry->new_size)
+);
+
+TRACE_EVENT(fuse_setattr,
+ TP_PROTO(const struct inode *inode,
+ const struct iattr *inarg),
+ TP_ARGS(inode, inarg),
+
+ TP_STRUCT__entry(
+ FUSE_INODE_FIELDS
+ __field(umode_t, mode)
+ __field(uint32_t, valid)
+ __field(umode_t, new_mode)
+ __field(uint64_t, new_size)
+ ),
+
+ TP_fast_assign(
+ FUSE_INODE_ASSIGN(inode, fi, fm);
+ __entry->mode = inode->i_mode;
+ __entry->valid = inarg->ia_valid;
+ __entry->new_mode = inarg->ia_mode;
+ __entry->new_size = inarg->ia_size;
+ ),
+
+ TP_printk(FUSE_INODE_FMT " mode 0%o valid 0x%x new_mode 0%o new_size 0x%llx",
+ FUSE_INODE_PRINTK_ARGS,
+ __entry->mode,
+ __entry->valid,
+ __entry->new_mode,
+ __entry->new_size)
+);
+
 #ifdef CONFIG_FUSE_BACKING
 #define FUSE_BACKING_PASSTHROUGH (1U << 0)
 #define FUSE_BACKING_IOMAP (1U << 1)
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index a3ea50b99054ff..e8eef46d8e1b52 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -7,6 +7,7 @@
 */
 
 #include "fuse_i.h"
+#include "fuse_trace.h"
 
 #include <linux/pagemap.h>
 #include <linux/file.h>
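Review bot: In TRACE_EVENT(fuse_setattr) the `ia_mode` and `ia_size` members are copied into the trace record unconditionally, but members of struct iattr are only meaningful when the matching bit is set in `ia_valid`, and callers commonly leave the others uninitialised on their stack. As written the event can record leftover kernel stack contents in the trace buffer and print values that look like a requested mode or size when none was requested. Gating the copies on the flags avoids both: `__entry->new_mode = (inarg->ia_valid & ATTR_MODE) ? inarg->ia_mode : 0;` and `__entry->new_size = (inarg->ia_valid & ATTR_SIZE) ? inarg->ia_size : 0;`. The fuse_setattr_fill event reads a struct fuse_setattr_in whose initialisation is not visible in this patch, so it is worth confirming at the caller that the structure is zeroed before it is filled.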
@@ -1999,6 +2000,8 @@ static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
 struct fuse_setattr_in *inarg_p,
 struct fuse_attr_out *outarg_p)
 {
+ trace_fuse_setattr_fill(inode, inarg_p);
+
 args->opcode = FUSE_SETATTR;
 args->nodeid = get_node_id(inode);
 args->in_numargs = 1;
@@ -2273,15 +2276,21 @@ static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
 if (!fuse_allow_current_process(get_fuse_conn(inode)))
 return -EACCES;
 
- if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
+ trace_fuse_setattr(inode, attr);
+
+ if (!fuse_has_iomap(inode) &&
+ (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))) {
 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
 ATTR_MODE);
 
 /*
 * The only sane way to reliably kill suid/sgid is to do it in
- * the userspace filesystem
+ * the userspace filesystem if this isn't an iomap file. For
+ * iomap filesystems we let the kernel kill the setuid/setgid
+ * bits.
 *
- * This should be done on write(), truncate() and chown().
+ * This should be done on write(), truncate(), chown(), and
+ * fallocate().
 */
 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
 /*
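Review bot: In fuse_setattr the new `!fuse_has_iomap(inode) &&` guard leaves ATTR_KILL_SUID/ATTR_KILL_SGID, and any ATTR_MODE already derived from them, in `attr->ia_valid` for iomap inodes, so clearing the setuid/setgid bits now depends entirely on the kernel's cached `i_mode` being current. The commit message states that assumption for the filesystem as a whole while the test is per inode; if a mount can mix iomap and non-iomap inodes, or the server can still change the mode on its side, a stale cached mode could leave the bits set after a write or truncate. The comment should name the invariant rather than only the outcome, e.g. `* For iomap inodes the kernel's cached i_mode is authoritative, so the VFS-computed mode is passed through unchanged.` The body of the if block and the rest of fuse_setattr continue past the end of the hunk, so whether the later code copes with the KILL flags still being set cannot be checked from here; a regression test that writes to a setuid file as an unprivileged user on an iomap mount would pin the behaviour.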