VisionFive2 Linux kernel

StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

More than 9999 Commits   35 Branches   59 Tags
b24413180f560 (Greg Kroah-Hartman 2017-11-01 15:07:57 +0100   1) // SPDX-License-Identifier: GPL-2.0
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   2) /*
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   3)  *  linux/fs/attr.c
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   4)  *
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   5)  *  Copyright (C) 1991, 1992  Linus Torvalds
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   6)  *  changes by Thomas Schoebel-Theuer
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   7)  */
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700   8) 
630d9c47274aa (Paul Gortmaker     2011-11-16 23:57:37 -0500   9) #include <linux/export.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  10) #include <linux/time.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  11) #include <linux/mm.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  12) #include <linux/string.h>
3f07c0144132e (Ingo Molnar        2017-02-08 18:51:30 +0100  13) #include <linux/sched/signal.h>
16f7e0fe2ecc3 (Randy Dunlap       2006-01-11 12:17:46 -0800  14) #include <linux/capability.h>
0eeca28300df1 (Robert Love        2005-07-12 17:06:03 -0400  15) #include <linux/fsnotify.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  16) #include <linux/fcntl.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  17) #include <linux/security.h>
975d294373d8c (Mimi Zohar         2011-03-09 14:39:57 -0500  18) #include <linux/evm.h>
9957a5043e7b0 (Mimi Zohar         2011-03-09 22:57:53 -0500  19) #include <linux/ima.h>
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  20) 
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  21) /**
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  22)  * chown_ok - verify permissions to chown inode
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  23)  * @mnt_userns:	user namespace of the mount @inode was found from
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  24)  * @inode:	inode to check permissions on
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  25)  * @uid:	uid to chown @inode to
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  26)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  27)  * If the inode has been found through an idmapped mount the user namespace of
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  28)  * the vfsmount must be passed through @mnt_userns. This function will then
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  29)  * take care to map the inode according to @mnt_userns before checking
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  30)  * permissions. On non-idmapped mounts or if permission checking is to be
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  31)  * performed on the raw inode simply passs init_user_ns.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  32)  */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  33) static bool chown_ok(struct user_namespace *mnt_userns,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  34) 		     const struct inode *inode,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  35) 		     kuid_t uid)
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  36) {
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  37) 	kuid_t kuid = i_uid_into_mnt(mnt_userns, inode);
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  38) 	if (uid_eq(current_fsuid(), kuid) && uid_eq(uid, kuid))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  39) 		return true;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  40) 	if (capable_wrt_inode_uidgid(mnt_userns, inode, CAP_CHOWN))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  41) 		return true;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  42) 	if (uid_eq(kuid, INVALID_UID) &&
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  43) 	    ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  44) 		return true;
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  45) 	return false;
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  46) }
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  47) 
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  48) /**
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  49)  * chgrp_ok - verify permissions to chgrp inode
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  50)  * @mnt_userns:	user namespace of the mount @inode was found from
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  51)  * @inode:	inode to check permissions on
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  52)  * @gid:	gid to chown @inode to
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  53)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  54)  * If the inode has been found through an idmapped mount the user namespace of
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  55)  * the vfsmount must be passed through @mnt_userns. This function will then
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  56)  * take care to map the inode according to @mnt_userns before checking
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  57)  * permissions. On non-idmapped mounts or if permission checking is to be
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  58)  * performed on the raw inode simply passs init_user_ns.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  59)  */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  60) static bool chgrp_ok(struct user_namespace *mnt_userns,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  61) 		     const struct inode *inode, kgid_t gid)
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  62) {
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  63) 	kgid_t kgid = i_gid_into_mnt(mnt_userns, inode);
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  64) 	if (uid_eq(current_fsuid(), i_uid_into_mnt(mnt_userns, inode)) &&
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  65) 	    (in_group_p(gid) || gid_eq(gid, kgid)))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  66) 		return true;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  67) 	if (capable_wrt_inode_uidgid(mnt_userns, inode, CAP_CHOWN))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  68) 		return true;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  69) 	if (gid_eq(kgid, INVALID_GID) &&
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  70) 	    ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN))
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  71) 		return true;
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  72) 	return false;
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  73) }
0031181c49ca9 (Eric W. Biederman  2016-10-15 18:36:59 -0500  74) 
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  75) /**
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  76)  * setattr_prepare - check if attribute changes to a dentry are allowed
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  77)  * @mnt_userns:	user namespace of the mount the inode was found from
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  78)  * @dentry:	dentry to check
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  79)  * @attr:	attributes to change
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  80)  *
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  81)  * Check if we are allowed to change the attributes contained in @attr
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  82)  * in the given dentry.  This includes the normal unix access permission
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  83)  * checks, as well as checks for rlimits and others. The function also clears
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  84)  * SGID bit from mode if user is not allowed to set it. Also file capabilities
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  85)  * and IMA extended attributes are cleared if ATTR_KILL_PRIV is set.
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  86)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  87)  * If the inode has been found through an idmapped mount the user namespace of
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  88)  * the vfsmount must be passed through @mnt_userns. This function will then
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  89)  * take care to map the inode according to @mnt_userns before checking
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  90)  * permissions. On non-idmapped mounts or if permission checking is to be
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  91)  * performed on the raw inode simply passs init_user_ns.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  92)  *
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  93)  * Should be called as the first thing in ->setattr implementations,
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  94)  * possibly after taking additional locks.
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200  95)  */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  96) int setattr_prepare(struct user_namespace *mnt_userns, struct dentry *dentry,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100  97) 		    struct iattr *attr)
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700  98) {
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200  99) 	struct inode *inode = d_inode(dentry);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 100) 	unsigned int ia_valid = attr->ia_valid;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 101) 
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 102) 	/*
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 103) 	 * First check size constraints.  These can't be overriden using
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 104) 	 * ATTR_FORCE.
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 105) 	 */
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 106) 	if (ia_valid & ATTR_SIZE) {
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 107) 		int error = inode_newsize_ok(inode, attr->ia_size);
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 108) 		if (error)
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 109) 			return error;
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 110) 	}
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 111) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 112) 	/* If force is set do it anyway. */
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 113) 	if (ia_valid & ATTR_FORCE)
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 114) 		goto kill_priv;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 115) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 116) 	/* Make sure a caller can chown. */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 117) 	if ((ia_valid & ATTR_UID) && !chown_ok(mnt_userns, inode, attr->ia_uid))
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 118) 		return -EPERM;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 119) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 120) 	/* Make sure caller can chgrp. */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 121) 	if ((ia_valid & ATTR_GID) && !chgrp_ok(mnt_userns, inode, attr->ia_gid))
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 122) 		return -EPERM;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 123) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 124) 	/* Make sure a caller can chmod. */
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 125) 	if (ia_valid & ATTR_MODE) {
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 126) 		if (!inode_owner_or_capable(mnt_userns, inode))
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 127) 			return -EPERM;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 128) 		/* Also check the setgid bit! */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 129)                if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid :
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 130)                                 i_gid_into_mnt(mnt_userns, inode)) &&
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 131)                     !capable_wrt_inode_uidgid(mnt_userns, inode, CAP_FSETID))
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 132) 			attr->ia_mode &= ~S_ISGID;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 133) 	}
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 134) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 135) 	/* Check for setting the inode time. */
9767d74957450 (Miklos Szeredi     2008-07-01 15:01:26 +0200 136) 	if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET | ATTR_TIMES_SET)) {
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 137) 		if (!inode_owner_or_capable(mnt_userns, inode))
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 138) 			return -EPERM;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 139) 	}
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 140) 
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 141) kill_priv:
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 142) 	/* User has permission for the change */
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 143) 	if (ia_valid & ATTR_KILL_PRIV) {
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 144) 		int error;
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 145) 
71bc356f93a1c (Christian Brauner  2021-01-21 14:19:29 +0100 146) 		error = security_inode_killpriv(mnt_userns, dentry);
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 147) 		if (error)
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 148) 			return error;
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 149) 	}
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 150) 
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 151) 	return 0;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 152) }
31051c85b5e2a (Jan Kara           2016-05-26 16:55:18 +0200 153) EXPORT_SYMBOL(setattr_prepare);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 154) 
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 155) /**
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 156)  * inode_newsize_ok - may this inode be truncated to a given size
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 157)  * @inode:	the inode to be truncated
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 158)  * @offset:	the new size to assign to the inode
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 159)  *
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 160)  * inode_newsize_ok must be called with i_mutex held.
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 161)  *
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 162)  * inode_newsize_ok will check filesystem limits and ulimits to check that the
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 163)  * new inode size is within limits. inode_newsize_ok will also send SIGXFSZ
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 164)  * when necessary. Caller must not proceed with inode size change if failure is
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 165)  * returned. @inode must be a file (not directory), with appropriate
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 166)  * permissions to allow truncate (inode_newsize_ok does NOT check these
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 167)  * conditions).
3fae17468a96f (Matthew Wilcox     2018-07-03 08:08:34 -0700 168)  *
3fae17468a96f (Matthew Wilcox     2018-07-03 08:08:34 -0700 169)  * Return: 0 on success, -ve errno on failure
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 170)  */
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 171) int inode_newsize_ok(const struct inode *inode, loff_t offset)
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 172) {
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 173) 	if (inode->i_size < offset) {
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 174) 		unsigned long limit;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 175) 
d554ed895dc8f (Jiri Slaby         2010-03-05 13:42:42 -0800 176) 		limit = rlimit(RLIMIT_FSIZE);
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 177) 		if (limit != RLIM_INFINITY && offset > limit)
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 178) 			goto out_sig;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 179) 		if (offset > inode->i_sb->s_maxbytes)
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 180) 			goto out_big;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 181) 	} else {
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 182) 		/*
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 183) 		 * truncation of in-use swapfiles is disallowed - it would
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 184) 		 * cause subsequent swapout to scribble on the now-freed
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 185) 		 * blocks.
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 186) 		 */
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 187) 		if (IS_SWAPFILE(inode))
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 188) 			return -ETXTBSY;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 189) 	}
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 190) 
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 191) 	return 0;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 192) out_sig:
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 193) 	send_sig(SIGXFSZ, current, 0);
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 194) out_big:
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 195) 	return -EFBIG;
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 196) }
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 197) EXPORT_SYMBOL(inode_newsize_ok);
25d9e2d152862 (Nicholas Piggin    2009-08-21 02:35:05 +1000 198) 
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 199) /**
6a1a90ad1b0ed (Christoph Hellwig  2010-06-04 11:30:00 +0200 200)  * setattr_copy - copy simple metadata updates into the generic inode
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 201)  * @mnt_userns:	user namespace of the mount the inode was found from
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 202)  * @inode:	the inode to be updated
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 203)  * @attr:	the new attributes
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 204)  *
6a1a90ad1b0ed (Christoph Hellwig  2010-06-04 11:30:00 +0200 205)  * setattr_copy must be called with i_mutex held.
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 206)  *
6a1a90ad1b0ed (Christoph Hellwig  2010-06-04 11:30:00 +0200 207)  * setattr_copy updates the inode's metadata with that specified
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 208)  * in attr on idmapped mounts. If file ownership is changed setattr_copy
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 209)  * doesn't map ia_uid and ia_gid. It will asssume the caller has already
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 210)  * provided the intended values. Necessary permission checks to determine
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 211)  * whether or not the S_ISGID property needs to be removed are performed with
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 212)  * the correct idmapped mount permission helpers.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 213)  * Noticeably missing is inode size update, which is more complex
2c27c65ed0696 (Christoph Hellwig  2010-06-04 11:30:04 +0200 214)  * as it requires pagecache updates.
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 215)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 216)  * If the inode has been found through an idmapped mount the user namespace of
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 217)  * the vfsmount must be passed through @mnt_userns. This function will then
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 218)  * take care to map the inode according to @mnt_userns before checking
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 219)  * permissions. On non-idmapped mounts or if permission checking is to be
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 220)  * performed on the raw inode simply passs init_user_ns.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 221)  *
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 222)  * The inode is not marked as dirty after this operation. The rationale is
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 223)  * that for "simple" filesystems, the struct inode is the inode storage.
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 224)  * The caller is free to mark the inode dirty afterwards if needed.
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 225)  */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 226) void setattr_copy(struct user_namespace *mnt_userns, struct inode *inode,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 227) 		  const struct iattr *attr)
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 228) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 229) 	unsigned int ia_valid = attr->ia_valid;
4a30131e7dbb1 (NeilBrown          2006-01-08 01:02:39 -0800 230) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 231) 	if (ia_valid & ATTR_UID)
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 232) 		inode->i_uid = attr->ia_uid;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 233) 	if (ia_valid & ATTR_GID)
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 234) 		inode->i_gid = attr->ia_gid;
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 235) 	if (ia_valid & ATTR_ATIME)
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 236) 		inode->i_atime = attr->ia_atime;
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 237) 	if (ia_valid & ATTR_MTIME)
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 238) 		inode->i_mtime = attr->ia_mtime;
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 239) 	if (ia_valid & ATTR_CTIME)
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 240) 		inode->i_ctime = attr->ia_ctime;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 241) 	if (ia_valid & ATTR_MODE) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 242) 		umode_t mode = attr->ia_mode;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 243) 		kgid_t kgid = i_gid_into_mnt(mnt_userns, inode);
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 244) 		if (!in_group_p(kgid) &&
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 245) 		    !capable_wrt_inode_uidgid(mnt_userns, inode, CAP_FSETID))
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 246) 			mode &= ~S_ISGID;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 247) 		inode->i_mode = mode;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 248) 	}
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 249) }
6a1a90ad1b0ed (Christoph Hellwig  2010-06-04 11:30:00 +0200 250) EXPORT_SYMBOL(setattr_copy);
7bb46a6734a7e (Nicholas Piggin    2010-05-27 01:05:33 +1000 251) 
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 252) /**
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 253)  * notify_change - modify attributes of a filesytem object
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 254)  * @mnt_userns:	user namespace of the mount the inode was found from
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 255)  * @dentry:	object affected
3fae17468a96f (Matthew Wilcox     2018-07-03 08:08:34 -0700 256)  * @attr:	new attributes
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 257)  * @delegated_inode: returns inode, if the inode is delegated
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 258)  *
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 259)  * The caller must hold the i_mutex on the affected object.
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 260)  *
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 261)  * If notify_change discovers a delegation in need of breaking,
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 262)  * it will return -EWOULDBLOCK and return a reference to the inode in
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 263)  * delegated_inode.  The caller should then break the delegation and
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 264)  * retry.  Because breaking a delegation may take a long time, the
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 265)  * caller should drop the i_mutex before doing so.
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 266)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 267)  * If file ownership is changed notify_change() doesn't map ia_uid and
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 268)  * ia_gid. It will asssume the caller has already provided the intended values.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 269)  *
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 270)  * Alternatively, a caller may pass NULL for delegated_inode.  This may
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 271)  * be appropriate for callers that expect the underlying filesystem not
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 272)  * to be NFS exported.  Also, passing NULL is fine for callers holding
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 273)  * the file open for write, as there can be no conflicting delegation in
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 274)  * that case.
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 275)  *
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 276)  * If the inode has been found through an idmapped mount the user namespace of
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 277)  * the vfsmount must be passed through @mnt_userns. This function will then
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 278)  * take care to map the inode according to @mnt_userns before checking
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 279)  * permissions. On non-idmapped mounts or if permission checking is to be
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 280)  * performed on the raw inode simply passs init_user_ns.
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 281)  */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 282) int notify_change(struct user_namespace *mnt_userns, struct dentry *dentry,
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 283) 		  struct iattr *attr, struct inode **delegated_inode)
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 284) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 285) 	struct inode *inode = dentry->d_inode;
8d334acdd2c1f (Al Viro            2011-07-24 23:21:59 -0400 286) 	umode_t mode = inode->i_mode;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 287) 	int error;
95582b0083883 (Deepa Dinamani     2018-05-08 19:36:02 -0700 288) 	struct timespec64 now;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 289) 	unsigned int ia_valid = attr->ia_valid;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 290) 
5955102c9984f (Al Viro            2016-01-22 15:40:57 -0500 291) 	WARN_ON_ONCE(!inode_is_locked(inode));
c4107b3097465 (Andrew Morton      2012-06-20 09:55:58 +1000 292) 
beb29e058c35a (Miklos Szeredi     2008-07-01 15:01:29 +0200 293) 	if (ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_TIMES_SET)) {
beb29e058c35a (Miklos Szeredi     2008-07-01 15:01:29 +0200 294) 		if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
beb29e058c35a (Miklos Szeredi     2008-07-01 15:01:29 +0200 295) 			return -EPERM;
beb29e058c35a (Miklos Szeredi     2008-07-01 15:01:29 +0200 296) 	}
beb29e058c35a (Miklos Szeredi     2008-07-01 15:01:29 +0200 297) 
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 298) 	/*
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 299) 	 * If utimes(2) and friends are called with times == NULL (or both
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 300) 	 * times are UTIME_NOW), then we need to check for write permission
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 301) 	 */
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 302) 	if (ia_valid & ATTR_TOUCH) {
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 303) 		if (IS_IMMUTABLE(inode))
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 304) 			return -EPERM;
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 305) 
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 306) 		if (!inode_owner_or_capable(mnt_userns, inode)) {
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 307) 			error = inode_permission(mnt_userns, inode, MAY_WRITE);
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 308) 			if (error)
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 309) 				return error;
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 310) 		}
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 311) 	}
f2b20f6ee8423 (Miklos Szeredi     2016-09-16 12:44:20 +0200 312) 
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 313) 	if ((ia_valid & ATTR_MODE)) {
8d334acdd2c1f (Al Viro            2011-07-24 23:21:59 -0400 314) 		umode_t amode = attr->ia_mode;
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 315) 		/* Flag setting protected by i_mutex */
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 316) 		if (is_sxid(amode))
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 317) 			inode->i_flags &= ~S_NOSEC;
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 318) 	}
69b4573296469 (Andi Kleen         2011-05-28 08:25:51 -0700 319) 
c2050a454c7f1 (Deepa Dinamani     2016-09-14 07:48:06 -0700 320) 	now = current_time(inode);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 321) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 322) 	attr->ia_ctime = now;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 323) 	if (!(ia_valid & ATTR_ATIME_SET))
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 324) 		attr->ia_atime = now;
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 325) 	else
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 326) 		attr->ia_atime = timestamp_truncate(attr->ia_atime, inode);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 327) 	if (!(ia_valid & ATTR_MTIME_SET))
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 328) 		attr->ia_mtime = now;
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 329) 	else
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 330) 		attr->ia_mtime = timestamp_truncate(attr->ia_mtime, inode);
eb31e2f63d85d (Amir Goldstein     2019-11-24 21:31:45 +0200 331) 
b53767719b6cd (Serge Hallyn       2007-10-16 23:31:36 -0700 332) 	if (ia_valid & ATTR_KILL_PRIV) {
b53767719b6cd (Serge Hallyn       2007-10-16 23:31:36 -0700 333) 		error = security_inode_need_killpriv(dentry);
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 334) 		if (error < 0)
b53767719b6cd (Serge Hallyn       2007-10-16 23:31:36 -0700 335) 			return error;
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 336) 		if (error == 0)
030b533c4fd4d (Jan Kara           2016-05-26 17:21:32 +0200 337) 			ia_valid = attr->ia_valid &= ~ATTR_KILL_PRIV;
b53767719b6cd (Serge Hallyn       2007-10-16 23:31:36 -0700 338) 	}
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 339) 
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 340) 	/*
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 341) 	 * We now pass ATTR_KILL_S*ID to the lower level setattr function so
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 342) 	 * that the function has the ability to reinterpret a mode change
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 343) 	 * that's due to these bits. This adds an implicit restriction that
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 344) 	 * no function will ever call notify_change with both ATTR_MODE and
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 345) 	 * ATTR_KILL_S*ID set.
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 346) 	 */
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 347) 	if ((ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID)) &&
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 348) 	    (ia_valid & ATTR_MODE))
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 349) 		BUG();
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 350) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 351) 	if (ia_valid & ATTR_KILL_SUID) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 352) 		if (mode & S_ISUID) {
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 353) 			ia_valid = attr->ia_valid |= ATTR_MODE;
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 354) 			attr->ia_mode = (inode->i_mode & ~S_ISUID);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 355) 		}
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 356) 	}
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 357) 	if (ia_valid & ATTR_KILL_SGID) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 358) 		if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 359) 			if (!(ia_valid & ATTR_MODE)) {
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 360) 				ia_valid = attr->ia_valid |= ATTR_MODE;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 361) 				attr->ia_mode = inode->i_mode;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 362) 			}
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 363) 			attr->ia_mode &= ~S_ISGID;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 364) 		}
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 365) 	}
6de0ec00ba8db (Jeff Layton        2007-10-18 03:05:20 -0700 366) 	if (!(attr->ia_valid & ~(ATTR_KILL_SUID | ATTR_KILL_SGID)))
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 367) 		return 0;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 368) 
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 369) 	/*
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 370) 	 * Verify that uid/gid changes are valid in the target
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 371) 	 * namespace of the superblock.
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 372) 	 */
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 373) 	if (ia_valid & ATTR_UID &&
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 374) 	    !kuid_has_mapping(inode->i_sb->s_user_ns, attr->ia_uid))
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 375) 		return -EOVERFLOW;
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 376) 	if (ia_valid & ATTR_GID &&
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 377) 	    !kgid_has_mapping(inode->i_sb->s_user_ns, attr->ia_gid))
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 378) 		return -EOVERFLOW;
a475acf01f79e (Seth Forshee       2016-04-26 14:36:25 -0500 379) 
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 380) 	/* Don't allow modifications of files with invalid uids or
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 381) 	 * gids unless those uids & gids are being made valid.
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 382) 	 */
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 383) 	if (!(ia_valid & ATTR_UID) &&
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 384) 	    !uid_valid(i_uid_into_mnt(mnt_userns, inode)))
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 385) 		return -EOVERFLOW;
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 386) 	if (!(ia_valid & ATTR_GID) &&
2f221d6f7b881 (Christian Brauner  2021-01-21 14:19:26 +0100 387) 	    !gid_valid(i_gid_into_mnt(mnt_userns, inode)))
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 388) 		return -EOVERFLOW;
0bd23d09b874e (Eric W. Biederman  2016-06-29 14:54:46 -0500 389) 
a77b72da24ecf (Miklos Szeredi     2008-07-30 14:06:22 +0200 390) 	error = security_inode_setattr(dentry, attr);
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 391) 	if (error)
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 392) 		return error;
27ac0ffeac80b (J. Bruce Fields    2011-09-20 17:19:26 -0400 393) 	error = try_break_deleg(inode, delegated_inode);
a77b72da24ecf (Miklos Szeredi     2008-07-30 14:06:22 +0200 394) 	if (error)
a77b72da24ecf (Miklos Szeredi     2008-07-30 14:06:22 +0200 395) 		return error;
a77b72da24ecf (Miklos Szeredi     2008-07-30 14:06:22 +0200 396) 
eef2380c18789 (Christoph Hellwig  2010-06-04 11:30:01 +0200 397) 	if (inode->i_op->setattr)
549c7297717c3 (Christian Brauner  2021-01-21 14:19:43 +0100 398) 		error = inode->i_op->setattr(mnt_userns, dentry, attr);
eef2380c18789 (Christoph Hellwig  2010-06-04 11:30:01 +0200 399) 	else
549c7297717c3 (Christian Brauner  2021-01-21 14:19:43 +0100 400) 		error = simple_setattr(mnt_userns, dentry, attr);
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 401) 
975d294373d8c (Mimi Zohar         2011-03-09 14:39:57 -0500 402) 	if (!error) {
0eeca28300df1 (Robert Love        2005-07-12 17:06:03 -0400 403) 		fsnotify_change(dentry, ia_valid);
a2d2329e30e22 (Christian Brauner  2021-01-21 14:19:45 +0100 404) 		ima_inode_post_setattr(mnt_userns, dentry);
975d294373d8c (Mimi Zohar         2011-03-09 14:39:57 -0500 405) 		evm_inode_post_setattr(dentry, ia_valid);
975d294373d8c (Mimi Zohar         2011-03-09 14:39:57 -0500 406) 	}
0eeca28300df1 (Robert Love        2005-07-12 17:06:03 -0400 407) 
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 408) 	return error;
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 409) }
^1da177e4c3f4 (Linus Torvalds     2005-04-16 15:20:36 -0700 410) EXPORT_SYMBOL(notify_change);