fs: move should_remove_suid() (e243e3f9) · Commits · EulixOS / Software / Kernel

fs/attr.c

+29 −0

Original line number	Diff line number	Diff line
		@@ -20,6 +20,35 @@

		#include "internal.h"

		/*
		* The logic we want is
		*
		* if suid or (sgid and xgrp)
		* remove privs
		*/
		int should_remove_suid(struct dentry *dentry)
		{
		umode_t mode = d_inode(dentry)->i_mode;
		int kill = 0;

		/* suid always must be killed */
		if (unlikely(mode & S_ISUID))
		kill = ATTR_KILL_SUID;

		/*
		* sgid without any exec bits is just a mandatory locking mark; leave
		* it alone. If some exec bits are set, it's a real sgid; kill it.
		*/
		if (unlikely((mode & S_ISGID) && (mode & S_IXGRP)))
		kill \|= ATTR_KILL_SGID;

		if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode)))
		return kill;

		return 0;
		}
		EXPORT_SYMBOL(should_remove_suid);

		/**
		* chown_ok - verify permissions to chown inode
		* @mnt_userns: user namespace of the mount @inode was found from

+0 −29

Original line number	Diff line number	Diff line
		@@ -1948,35 +1948,6 @@ void touch_atime(const struct path *path)
		}
		EXPORT_SYMBOL(touch_atime);

		/*
		* The logic we want is
		*
		* if suid or (sgid and xgrp)
		* remove privs
		*/
		int should_remove_suid(struct dentry *dentry)
		{
		umode_t mode = d_inode(dentry)->i_mode;
		int kill = 0;

		/* suid always must be killed */
		if (unlikely(mode & S_ISUID))
		kill = ATTR_KILL_SUID;

		/*
		* sgid without any exec bits is just a mandatory locking mark; leave
		* it alone. If some exec bits are set, it's a real sgid; kill it.
		*/
		if (unlikely((mode & S_ISGID) && (mode & S_IXGRP)))
		kill \|= ATTR_KILL_SGID;

		if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode)))
		return kill;

		return 0;
		}
		EXPORT_SYMBOL(should_remove_suid);

		/*
		* Return mask of changes for notify_change() that need to be done as a
		* response to write or truncate. Return 0 if nothing has to be changed.