devices: fs: Disable HANDLE_KILLPRIV when writeback caching is enabled

The HANDLE_KILLPRIV feature tells the kernel that the file system will
take care of clearing the setuid and setgid bits when a file is written
to by someone other than the owner.

However, this doesn't work when writeback caching is enabled as the
write may be buffered and flushed later, which would prevent the bits
from being cleared on write.

Remove the HANDLE_KILLPRIV feature when writeback caching is enabled.

BUG=b:136128319
TEST=`tast run vm.VirtioFs`

Change-Id: Icef98e878603cc428f83db37857d69bc6da4486c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1890582
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>

1 files changed, 7 insertions, 1 deletions

diff --git a/devices/src/virtio/fs/server.rs b/devices/src/virtio/fs/server.rs
index 1914c9b..9c3136d 100644
--- a/devices/src/virtio/fs/server.rs
+++ b/devices/src/virtio/fs/server.rs
@@ -835,7 +835,13 @@ impl<F: FileSystem + Sync> Server<F> {
 
         match self.fs.init(capable) {
             Ok(want) => {
-                let enabled = capable & (want | supported);
+                let mut enabled = capable & (want | supported);
+
+                // HANDLE_KILLPRIV doesn't work correctly when writeback caching is enabled so turn
+                // it off.
+                if enabled.contains(FsOptions::WRITEBACK_CACHE) {
+                    enabled.remove(FsOptions::HANDLE_KILLPRIV);
+                }
 
                 let out = InitOut {
                     major: KERNEL_VERSION,