-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix i_flags issue caused by 64c688d #5486
Conversation
Fix zfs_xvattr_set to set S_IMMUTABLE and S_APPEND flags correctly. Reinstate zfs_set_inode_flags and use it when zfs_xvatter_set and also when setting up inode in zfs_znode_alloc and zfs_rezget. Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
@tuxoko, thanks for your PR! By analyzing the history of the files in this pull request, we identified @lorddoskias, @behlendorf and @dweeezil to be potential reviewers. |
c7a64c5
to
05100ec
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Presumably the use of inode_set_flags()
can be addressed separately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, while this fixes the existing issue it appears things still aren't quite right. Users without CAP_LINUX_IMMUTABLE were able to clear immutable and append. @tuxoko behlendorf/zfs@c1f4a1b is a proposed fix for the issue, can you apply it to the top of this stack for review.
$ touch testfile
$ sudo chattr +i testfile
$ chattr -i testfile # Should fail
TODO
- Add a basic test cases for immutable and append
- Use inode_set_flags()
@dweeezil we could definitely do it in a separate PR but it sure would be nice to handle it right now as well as add a few test cases. |
The fchange in zpl_ioctl_setflags was for detecting flag change. However it was incorrect and would always fail to detect a flag change from set to unset, causing users without CAP_LINUX_IMMUTABLE to be able to unset flags. Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
@behlendorf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. I'm fine with the alternate fix.
Is zfstest file run with root? If so how do I drop privilege? |
@tuxoko you can use the |
Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM @tuxoko thank you for adding the configure check and test cases. I'll get this merged.
Description
Fix zfs_xvattr_set to set S_IMMUTABLE and S_APPEND flags correctly.
Reinstate zfs_set_inode_flags and use it when zfs_xvatter_set and also when
setting up inode in zfs_znode_alloc and zfs_rezget.
Fix wrong operator in xvattr.h
Motivation and Context
#5470
#5469
How Has This Been Tested?
Types of changes
Checklist: