Revert "UBUNTU: SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes"

BugLink: https://bugs.launchpad.net/bugs/1644165

This reverts commit 07053c83.

The kernel fix for bug #1634964 breaks LXD userspace, in particular the
following commits:

ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs
ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs

LXD 2.0.6 will include changes to support these kernel changes, but it isn't
available yet on xenial, so for now we just revert these commits.
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>

fs/attr.c

@@ -16,30 +16,6 @@
 #include <linux/evm.h>
 #include <linux/ima.h>
 
-static bool chown_ok(const struct inode *inode, kuid_t uid)
-{
-	if (uid_eq(current_fsuid(), inode->i_uid) &&
-	    uid_eq(uid, inode->i_uid))
-		return true;
-	if (capable_wrt_inode_uidgid(inode, CAP_CHOWN))
-		return true;
-	if (ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN))
-		return true;
-	return false;
-}
-
-static bool chgrp_ok(const struct inode *inode, kgid_t gid)
-{
-	if (uid_eq(current_fsuid(), inode->i_uid) &&
-	    (in_group_p(gid) || gid_eq(gid, inode->i_gid)))
-		return true;
-	if (capable_wrt_inode_uidgid(inode, CAP_CHOWN))
-		return true;
-	if (ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN))
-		return true;
-	return false;
-}
-
 /**
  * inode_change_ok - check if attribute changes to an inode are allowed
  * @inode:	inode to check
@@ -71,11 +47,17 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr)
 		return 0;
 
 	/* Make sure a caller can chown. */
-	if ((ia_valid & ATTR_UID) && !chown_ok(inode, attr->ia_uid))
+	if ((ia_valid & ATTR_UID) &&
+	    (!uid_eq(current_fsuid(), inode->i_uid) ||
+	     !uid_eq(attr->ia_uid, inode->i_uid)) &&
+	    !capable_wrt_inode_uidgid(inode, CAP_CHOWN))
 		return -EPERM;
 
 	/* Make sure caller can chgrp. */
-	if ((ia_valid & ATTR_GID) && !chgrp_ok(inode, attr->ia_gid))
+	if ((ia_valid & ATTR_GID) &&
+	    (!uid_eq(current_fsuid(), inode->i_uid) ||
+	    (!in_group_p(attr->ia_gid) && !gid_eq(attr->ia_gid, inode->i_gid))) &&
+	    !capable_wrt_inode_uidgid(inode, CAP_CHOWN))
 		return -EPERM;
 
 	/* Make sure a caller can chmod. */

fs/proc/base.c

@@ -708,17 +708,10 @@ int proc_setattr(struct dentry *dentry, struct iattr *attr)
 {
 	int error;
 	struct inode *inode = d_inode(dentry);
-	struct user_namespace *s_user_ns;
 
 	if (attr->ia_valid & ATTR_MODE)
 		return -EPERM;
 
-	/* Don't let anyone mess with weird proc files */
-	s_user_ns = inode->i_sb->s_user_ns;
-	if (!kuid_has_mapping(s_user_ns, inode->i_uid) ||
-	    !kgid_has_mapping(s_user_ns, inode->i_gid))
-		return -EPERM;
-
 	error = inode_change_ok(inode, attr);
 	if (error)
 		return error;

fs/proc/generic.c

@@ -103,15 +103,8 @@ static int proc_notify_change(struct dentry *dentry, struct iattr *iattr)
 {
 	struct inode *inode = d_inode(dentry);
 	struct proc_dir_entry *de = PDE(inode);
-	struct user_namespace *s_user_ns;
 	int error;
 
-	/* Don't let anyone mess with weird proc files */
-	s_user_ns = inode->i_sb->s_user_ns;
-	if (!kuid_has_mapping(s_user_ns, inode->i_uid) ||
-	    !kgid_has_mapping(s_user_ns, inode->i_gid))
-		return -EPERM;
-
 	error = inode_change_ok(inode, iattr);
 	if (error)
 		return error;

fs/proc/proc_sysctl.c

@@ -748,18 +748,11 @@ static int proc_sys_permission(struct inode *inode, int mask)
 static int proc_sys_setattr(struct dentry *dentry, struct iattr *attr)
 {
 	struct inode *inode = d_inode(dentry);
-	struct user_namespace *s_user_ns;
 	int error;
 
 	if (attr->ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))
 		return -EPERM;
 
-	/* Don't let anyone mess with weird proc files */
-	s_user_ns = inode->i_sb->s_user_ns;
-	if (!kuid_has_mapping(s_user_ns, inode->i_uid) ||
-	    !kgid_has_mapping(s_user_ns, inode->i_gid))
-		return -EPERM;
-
 	error = inode_change_ok(inode, attr);
 	if (error)
 		return error;