From 2d40564aaab3a99fe6ce00fc0fc893c02e9443ec Mon Sep 17 00:00:00 2001 From: "M. Mohan Kumar" Date: Thu, 19 Jan 2012 12:21:12 +0530 Subject: hw/9pfs: Preserve S_ISGID In passthrough security model in local fs driver, after a file creation chown and chmod are done to set the file credentials and mode as requested by 9p client. But if there was a request to create a file with S_ISGID bit, doing chown on that file resets the S_ISGID bit. So first call chown and then invoking chmod with proper mode bit retains the S_ISGID (if present/requested) This resulted in LTP mknod02, mknod03, mknod05, open10 test case failures. This patch fixes this issue. man 2 chown When the owner or group of an executable file are changed by an unprivileged user the S_ISUID and S_ISGID mode bits are cleared. POSIX does not specify whether this also should happen when root does the chown(); the Linux behavior depends on the kernel version. Signed-off-by: M. Mohan Kumar Signed-off-by: Aneesh Kumar K.V --- hw/9pfs/virtio-9p-handle.c | 4 ++-- hw/9pfs/virtio-9p-local.c | 7 ++++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/hw/9pfs/virtio-9p-handle.c b/hw/9pfs/virtio-9p-handle.c index cb012c0510..f96d17a974 100644 --- a/hw/9pfs/virtio-9p-handle.c +++ b/hw/9pfs/virtio-9p-handle.c @@ -63,11 +63,11 @@ static int handle_update_file_cred(int dirfd, const char *name, FsCred *credp) if (fd < 0) { return fd; } - ret = fchmod(fd, credp->fc_mode & 07777); + ret = fchownat(fd, "", credp->fc_uid, credp->fc_gid, AT_EMPTY_PATH); if (ret < 0) { goto err_out; } - ret = fchownat(fd, "", credp->fc_uid, credp->fc_gid, AT_EMPTY_PATH); + ret = fchmod(fd, credp->fc_mode & 07777); err_out: close(fd); return ret; diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c index 6e3f9d1d97..33a41d2e18 100644 --- a/hw/9pfs/virtio-9p-local.c +++ b/hw/9pfs/virtio-9p-local.c @@ -257,9 +257,6 @@ static int local_post_create_passthrough(FsContext *fs_ctx, const char *path, { char buffer[PATH_MAX]; - if (chmod(rpath(fs_ctx, path, buffer), credp->fc_mode & 07777) < 0) { - return -1; - } if (lchown(rpath(fs_ctx, path, buffer), credp->fc_uid, credp->fc_gid) < 0) { /* @@ -270,6 +267,10 @@ static int local_post_create_passthrough(FsContext *fs_ctx, const char *path, return -1; } } + + if (chmod(rpath(fs_ctx, path, buffer), credp->fc_mode & 07777) < 0) { + return -1; + } return 0; } -- cgit v1.2.1