From f68a2940f4734687fba96380d1111bfae2c43ffa Mon Sep 17 00:00:00 2001
From: Chirantan Ekbote
Date: Sat, 19 Oct 2019 03:31:32 +0900
Subject: devices: fs: Disable HANDLE_KILLPRIV when writeback caching is enabled
The HANDLE_KILLPRIV feature tells the kernel that the file system will take care of clearing the setuid and setgid bits when a file is written to by someone other than the owner. However, this doesn't work when writeback caching is enabled as the write may be buffered and flushed later, which would prevent the bits from being cleared on write. Remove the HANDLE_KILLPRIV feature when writeback caching is enabled.
BUG=b:136128319
TEST=`tast run vm.VirtioFs`
Change-Id: Icef98e878603cc428f83db37857d69bc6da4486c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1890582
Tested-by: Chirantan Ekbote
Tested-by: kokoro
Commit-Queue: Chirantan Ekbote
Reviewed-by: Daniel Verkamp
Reviewed-by: Stephen Barber
---
 devices/src/virtio/fs/server.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
(limited to 'devices/src/virtio')
diff --git a/devices/src/virtio/fs/server.rs b/devices/src/virtio/fs/server.rs
index 1914c9b..9c3136d 100644
--- a/devices/src/virtio/fs/server.rs
+++ b/devices/src/virtio/fs/server.rs
@@ -835,7 +835,13 @@ impl Server {
 match self.fs.init(capable) {
 Ok(want) => {
- let enabled = capable & (want | supported);
+ let mut enabled = capable & (want | supported);
+
+ // HANDLE_KILLPRIV doesn't work correctly when writeback caching is enabled so turn
+ // it off.
+ if enabled.contains(FsOptions::WRITEBACK_CACHE) {
+ enabled.remove(FsOptions::HANDLE_KILLPRIV);
+ }
 let out = InitOut {
 major: KERNEL_VERSION,
--
cgit 1.4.1
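Review bot: The HANDLE_KILLPRIV override runs after `self.fs.init(capable)` has returned, so the file system behind `self.fs` is never told that a flag it may have requested in `want` was dropped from `enabled`. If that implementation decides how to treat setuid/setgid bits on write from what it asked for (not visible in this hunk), its view and the negotiated set can diverge, and a stale setuid/setgid bit could survive a write by a non-owner. The comment would also be more useful with the reason from the commit message, for example `// Writeback-cached writes may be buffered and flushed later, so the server cannot clear setuid/setgid at write time.` The enclosing function in `impl Server` starts and ends outside the hunk.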