[PATCH 0/7] fix setuid/setgid clearing in networked filesystems (take 5)

When an unprivileged process attempts to modify a file that has the setuid or setgid bits set, the VFS will attempt to clear these bits. The VFS will set the ATTR_KILL_SUID or ATTR_KILL_SGID bits in the ia_valid mask, and then call notify_change to clear these bits and set the mode accordingly.

[PATCH 1/7] VFS: make notify_change pass ATTR_KILL_S*ID to setattr operations

Make notify_change not clear the ATTR_KILL_S*ID bits in the ia_vaid that gets passed to the setattr inode operation. This allows the filesystems to reinterpret whether this mode change is simply intended to clear the setuid/setgid bits. This means that notify_change should never be called with

[PATCH 2/7] NFS: if ATTR_KILL_S*ID bits are set, then skip mode change

If the ATTR_KILL_S*ID bits are set then any mode change is only for clearing the setuid/setgid bits. For NFS skip the mode change and let the server handle it. Signed-off-by: Jeff Layton [EMAIL PROTECTED] --- fs/nfs/inode.c |4 1 files changed, 4 insertions(+), 0 deletions(-) diff

[PATCH 3/7] CIFS: ignore mode change if it's just for clearing setuid/setgid bits

If the ATTR_KILL_S*ID bits are set then any mode change is only for clearing the setuid/setgid bits. For NFS, skip the mode change and let the server handle it. Signed-off-by: Jeff Layton [EMAIL PROTECTED] --- fs/cifs/inode.c |5 + 1 files changed, 5 insertions(+), 0 deletions(-) diff

[PATCH 4/7] ecryptfs: allow lower fs to interpret ATTR_KILL_S*ID

Make sure ecryptfs doesn't trip the BUG() in notify_change. This also allows the lower filesystem to interpret these bits in their own way. Signed-off-by: Jeff Layton [EMAIL PROTECTED] --- fs/ecryptfs/inode.c |8 1 files changed, 8 insertions(+), 0 deletions(-) diff --git

[PATCH 5/7] knfsd: only set ATTR_KILL_S*ID if ATTR_MODE isn't being explicitly set

It's theoretically possible for a single SETATTR call to come in that sets the mode and the uid/gid. In that case, assume the mode is correct and don't set the ATTR_KILL_S*ID bits. Doing so would trip the BUG() in notify_change. Signed-off-by: Jeff Layton [EMAIL PROTECTED] --- fs/nfsd/vfs.c |

[PATCH 6/7] reiserfs: turn off ATTR_KILL_S*ID at beginning of reiserfs_setattr

reiserfs_setattr can call notify_change recursively using the same iattr struct. This could cause it to trip the BUG() in notify_change. Fix reiserfs to clear those bits near the beginning of the function. Signed-off-by: Jeff Layton [EMAIL PROTECTED] --- fs/reiserfs/inode.c |6 +- 1

[PATCH 7/7] unionfs: fix unionfs_create and unionfs_setattr to handle ATTR_KILL_S*ID

Don't allow either function to trip the BUG() in notify_change. For unionfs_setattr, clear ATTR_MODE if the either ATTR_KILL_S*ID is set. unionfs_create is setting the mode explicitly already. Don't set ATTR_KILL_S*ID. Just fix up the mode to have the same effect. Also, move locking the i_mutex

Re: [RFC] System calls for online defrag

On Sep 03, 2007 20:03 +0200, Jan Kara wrote: I've finally got to writing up some proposal how could look system calls allowing for online filesystem defragmentation and generally moving file blocks around for improving performance. Comments are welcome. int sys_movedata(int datafd, int