Commit a8677c3e authored by Luis Henriques

Revert "UBUNTU: SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root"

BugLink: https://bugs.launchpad.net/bugs/1644165

This reverts commit bd088dae.

The kernel fix for bug #1634964 breaks LXD userspace, in particular the
following commits:

ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs
ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs

LXD 2.0.6 will include changes to support these kernel changes, but it isn't
available yet on xenial, so for now we just revert these commits.

Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
parent 2beffce4
...@@ -1677,8 +1677,7 @@ EXPORT_SYMBOL(touch_atime); ...@@ -1677,8 +1677,7 @@ EXPORT_SYMBOL(touch_atime);
*/ */
int should_remove_suid(struct dentry *dentry) int should_remove_suid(struct dentry *dentry)
{ {
struct inode *inode = d_inode(dentry); umode_t mode = d_inode(dentry)->i_mode;
umode_t mode = inode->i_mode;
int kill = 0; int kill = 0;
/* suid always must be killed */ /* suid always must be killed */
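Review bot: The commit message names ac7f3f73 and ca52383a as the commits that break LXD, but the declarations changed here at the top of should_remove_suid() belong to bd088dae, and the message does not say why this commit has to be reverted along with them. A sentence stating the dependency would help anyone bisecting or re-applying the series later. Dropping the `inode` local is otherwise fine, since its only other use is removed in the next hunk.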
...@@ -1692,8 +1691,7 @@ int should_remove_suid(struct dentry *dentry) ...@@ -1692,8 +1691,7 @@ int should_remove_suid(struct dentry *dentry)
if (unlikely((mode & S_ISGID) && (mode & S_IXGRP))) if (unlikely((mode & S_ISGID) && (mode & S_IXGRP)))
kill |= ATTR_KILL_SGID; kill |= ATTR_KILL_SGID;
if (unlikely(kill && !capable_wrt_inode_uidgid(inode, CAP_FSETID) && if (unlikely(kill && !capable(CAP_FSETID) && S_ISREG(mode)))
S_ISREG(mode)))
return kill; return kill;
return 0; return 0;
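Review bot: The condition in should_remove_suid() goes back from `capable_wrt_inode_uidgid(inode, CAP_FSETID)` to `capable(CAP_FSETID)`, and the message does not record the resulting behaviour change. capable() tests the capability against the initial user namespace, so a process that is root only inside a user namespace gets ATTR_KILL_SUID/ATTR_KILL_SGID again when it writes to a regular file with those bits set. That is the more conservative direction, but it is what the reverted commit's title says it was meant to avoid, so it is worth stating in the message and noting that the change should be re-applied once LXD 2.0.6 is available on xenial.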
......