linux/fs/xfs
Jan Kara 073931017b posix_acl: Clear SGID bit when setting file permissions
When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
2016-09-22 10:55:32 +02:00
..
libxfs xfs: move (and rename) the deferred bmap-free tracepoints 2016-08-03 12:31:07 +10:00
Kconfig xfs: implement iomap based buffered write path 2016-06-21 09:53:44 +10:00
kmem.c xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
kmem.h xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
Makefile xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
mrlock.h
uuid.c
uuid.h
xfs_acl.c posix_acl: Clear SGID bit when setting file permissions 2016-09-22 10:55:32 +02:00
xfs_acl.h xfs: Change how listxattr generates synthetic attributes 2015-12-06 21:34:16 -05:00
xfs_aops.c xfs: update for 4.8-rc1 2016-07-27 09:53:35 -07:00
xfs_aops.h xfs: direct calls in the direct I/O path 2016-07-20 11:38:01 +10:00
xfs_attr_inactive.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_attr_list.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_attr.h xfs: remove put_value from attr ->put_listent context 2016-04-06 07:57:45 +10:00
xfs_bmap_util.c xfs: disable XFS_IOC_SWAPEXT when rmap btree is enabled 2016-08-03 12:18:07 +10:00
xfs_bmap_util.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_buf_item.c Merge branch 'xfs-4.8-misc-fixes-4' into for-next 2016-07-22 14:10:56 +10:00
xfs_buf_item.h xfs: fix non-debug build warnings 2015-08-25 10:05:13 +10:00
xfs_buf.c xfs: update for 4.8-rc1 2016-07-27 09:53:35 -07:00
xfs_buf.h xfs: track and serialize in-flight async buffers against unmount 2016-07-20 11:15:28 +10:00
xfs_dir2_readdir.c xfs: concurrent readdir hangs on data buffer locks 2016-05-18 13:20:21 -04:00
xfs_discard.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_discard.h
xfs_dquot_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_dquot_item.h
xfs_dquot.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_dquot.h xfs: fix implicit bool to int conversion 2015-01-09 10:48:58 +11:00
xfs_error.c Merge branch 'xfs-4.8-misc-fixes-3' into for-next 2016-07-20 11:51:08 +10:00
xfs_error.h xfs: propagate bmap updates to rmapbt 2016-08-03 12:16:05 +10:00
xfs_export.c xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_export.h
xfs_extent_busy.c
xfs_extent_busy.h
xfs_extfree_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_extfree_item.h xfs: refactor redo intent item processing 2016-08-03 11:23:49 +10:00
xfs_file.c xfs: update for 4.8-rc1 2016-07-27 09:53:35 -07:00
xfs_filestream.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_filestream.h
xfs_fsops.c xfs: add rmap btree geometry feature flag 2016-08-03 12:16:44 +10:00
xfs_fsops.h xfs: remove unused function definitions 2016-02-08 14:58:07 +11:00
xfs_globals.c
xfs_icache.c xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icache.h xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icreate_item.c xfs: move most of xfs_sb.h to xfs_format.h 2014-11-28 14:27:09 +11:00
xfs_icreate_item.h
xfs_inode_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_inode_item.h xfs: remove timestamps from incore inode 2016-02-09 16:54:58 +11:00
xfs_inode.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_inode.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_ioctl32.c xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_ioctl32.h
xfs_ioctl.c fs: return EPERM on immutable inode 2016-08-07 10:03:31 -04:00
xfs_ioctl.h xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_iomap.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_iomap.h xfs: implement iomap based buffered write path 2016-06-21 09:53:44 +10:00
xfs_iops.c xfs: use iomap infrastructure for DAX zeroing 2016-06-21 09:55:18 +10:00
xfs_iops.h xfs: inodes are new until the dentry cache is set up 2015-02-23 22:38:08 +11:00
xfs_itable.c xfs: mode di_mode to vfs inode 2016-02-09 16:54:58 +11:00
xfs_itable.h
xfs_linux.h xfs: remove __arch_pack 2016-07-20 11:48:46 +10:00
xfs_log_cil.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_log_priv.h xfs: remove transaction types 2016-04-06 09:20:36 +10:00
xfs_log_recover.c xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_log.c Merge branch 'xfs-4.8-buf-fixes' into for-next 2016-07-20 11:53:35 +10:00
xfs_log.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_message.c xfs: more info from kmem deadlocks and high-level error msgs 2015-10-12 16:04:45 +11:00
xfs_message.h
xfs_mount.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mount.h xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mru_cache.c xfs: xfs_mru_cache_insert() should use GFP_NOFS 2015-03-25 14:57:53 +11:00
xfs_mru_cache.h
xfs_ondisk.h xfs: define the on-disk rmap btree format 2016-08-03 11:36:07 +10:00
xfs_pnfs.c xfs: make xfs_bmbt_to_iomap available outside of xfs_pnfs.c 2016-06-21 09:52:47 +10:00
xfs_pnfs.h xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_qm_bhv.c xfs: move most of xfs_sb.h to xfs_format.h 2014-11-28 14:27:09 +11:00
xfs_qm_syscalls.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_qm.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_qm.h xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_quota.h xfs: fix quota block reservation leak when tp allocates and frees blocks 2015-06-01 07:15:37 +10:00
xfs_quotaops.c xfs: wire up Q_XGETNEXTQUOTA / get_nextdqblk 2016-02-08 11:27:38 +11:00
xfs_rmap_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_rmap_item.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_rtalloc.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_rtalloc.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_stats.c xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
xfs_stats.h xfs: add rmap btree stats infrastructure 2016-08-03 11:31:11 +10:00
xfs_super.c xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_super.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_symlink.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_symlink.h
xfs_sysctl.c xfs: pass xfsstats structures to handlers and macros 2015-10-12 05:19:45 +11:00
xfs_sysctl.h
xfs_sysfs.c xfs: fix xfs_error_get_cfg for negative errnos 2016-07-20 10:48:51 +10:00
xfs_sysfs.h xfs: configurable error behavior via sysfs 2016-05-18 10:58:51 +10:00
xfs_trace.c xfs: rework xfs_bmap_free callers to use xfs_defer_ops 2016-08-03 11:15:38 +10:00
xfs_trace.h xfs: convert unwritten status of reverse mappings 2016-08-03 12:03:19 +10:00
xfs_trans_ail.c xfs: Make xfsaild freezeable again 2016-02-08 14:59:07 +11:00
xfs_trans_buf.c xfs: remove XBF_STALE flag wrapper macros 2016-02-10 15:01:11 +11:00
xfs_trans_dquot.c xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_trans_extfree.c xfs: move (and rename) the deferred bmap-free tracepoints 2016-08-03 12:31:07 +10:00
xfs_trans_inode.c xfs: move di_changecount to VFS inode 2016-02-09 16:54:58 +11:00
xfs_trans_priv.h xfs: add helper to conditionally remove items from the AIL 2015-08-19 10:01:08 +10:00
xfs_trans_rmap.c xfs: collapse single use static functions 2016-08-03 12:30:31 +10:00
xfs_trans.c xfs: remove transaction types 2016-04-06 09:20:36 +10:00
xfs_trans.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_xattr.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-05-27 17:14:05 -07:00
xfs.h