c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2025-01-03 23:09:35 +03:00
Code Issues Packages Projects Releases Wiki Activity
0cb2d8a60b
mirror_zfs/module/zfs
History
Pawel Jakub Dawidek 3e27b589cf Fix clearing set-uid and set-gid bits on a file when replying a write 
POSIX requires that set-uid and set-gid bits to be removed when an
unprivileged user writes to a file and ZFS does that during normal
operation.

The problem arrises when the write is stored in the ZIL and replayed.
During replay we have no access to original credentials of the process
doing the write, so zfs_write() will be performed with the root
credentials. When root is doing the write set-uid and set-gid bits
are not removed from the file.

To correct that, log a separate TX_SETATTR entry that removed those bits
on first write to such file.

Idea from:	Christian Schwarz

Add test for ZIL replay of setuid/setgid clearing.

Improve various edge cases when clearing setid bits:
- The setid bits can be readded during a single write, so make sure to check
  for them on every chunk write.
- Log TX_SETATTR record at most once per transaction group (if the setid bits
  are keep coming back).
- Move zfs_log_setattr() outside of zp->z_acl_lock.

Reviewed-by: Dan McDonald <danmcd@joyent.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Co-authored-by: Christian Schwarz <me@cschwarz.com>
Signed-off-by: Pawel Jakub Dawidek <pawel@dawidek.net>
Closes #13027
2022-02-16 17:58:55 -08:00
..
abd.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
aggsum.c More aggsum optimizations 2021-06-09 13:05:34 -07:00
arc.c Avoid memory allocations in the ARC eviction thread 2022-02-03 15:30:52 -08:00
blkptr.c Add zstd support to zfs 2020-08-20 10:30:06 -07:00
bplist.c Fast Clone Deletion 2019-07-26 10:54:14 -07:00
bpobj.c Rename refcount.h to zfs_refcount.h 2020-07-29 16:35:33 -07:00
bptree.c Rename refcount.h to zfs_refcount.h 2020-07-29 16:35:33 -07:00
bqueue.c Implement Redacted Send/Receive 2019-06-19 09:48:12 -07:00
btree.c Fix typo in btree.c 2020-08-17 15:25:37 -07:00
dataset_kstats.c Introduce write-mostly sums 2021-06-09 13:05:34 -07:00
dbuf_stats.c Eliminate gratuitous bzeroing in dbuf_stats_hash_table_data 2020-09-30 13:24:38 -07:00
dbuf.c Compact dbuf/buf hashes and lock arrays 2021-09-14 12:22:46 -07:00
ddt_zap.c Refactor dnode dirty context from dbuf_dirty 2020-02-26 16:09:17 -08:00
ddt.c Tinker with slop space accounting with dedup 2021-09-14 12:38:05 -07:00
dmu_diff.c Mark write_record static 2019-12-03 09:51:44 -08:00
dmu_object.c Introduce CPU_SEQID_UNSTABLE 2020-11-02 11:51:12 -08:00
dmu_objset.c Avoid 64bit division in multilist index functions 2021-06-29 13:15:04 -07:00
dmu_recv.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
dmu_redact.c dmu_redact.c does not call bqueue_destroy 2021-09-14 12:39:48 -07:00
dmu_send.c Report dnodes with faulty bonuslen 2022-02-16 17:58:55 -08:00
dmu_traverse.c ZFS traverse_visitbp optimization to limit prefetch 2021-04-19 15:22:57 -07:00
dmu_tx.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
dmu_zfetch.c Upstream: dmu_zfetch_stream_fini leaks refcount 2021-09-14 12:21:55 -07:00
dmu.c Fix lseek(SEEK_DATA/SEEK_HOLE) mmap consistency 2021-11-05 08:08:55 -07:00
dnode_sync.c Report dnodes with faulty bonuslen 2022-02-16 17:58:55 -08:00
dnode.c Restore dirty dnode detection logic 2021-11-05 09:45:04 -07:00
dsl_bookmark.c Fix various typos 2021-04-07 13:27:11 -07:00
dsl_crypt.c Introduce a flag to skip comparing the local mac when raw sending 2022-02-04 16:14:56 -08:00
dsl_dataset.c Introduce dsl_dir_diduse_transfer_space() 2021-09-14 12:38:51 -07:00
dsl_deadlist.c Livelist logic should handle dedup blkptrs 2021-06-09 13:05:34 -07:00
dsl_deleg.c Reduce loaded range tree memory usage 2019-10-09 10:36:03 -07:00
dsl_destroy.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
dsl_dir.c Introduce dsl_dir_diduse_transfer_space() 2021-09-14 12:38:51 -07:00
dsl_pool.c Re-embed multilist_t storage 2021-06-10 10:50:16 -07:00
dsl_prop.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
dsl_scan.c Report dnodes with faulty bonuslen 2022-02-16 17:58:55 -08:00
dsl_synctask.c nowait synctask must succeed 2020-09-04 10:29:39 -07:00
dsl_userhold.c Replace sprintf()->snprintf() and strcpy()->strlcpy() 2020-06-07 11:42:12 -07:00
edonr_zfs.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
fm.c file reference counts can get corrupted 2021-09-14 12:37:38 -07:00
gzip.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
hkdf.c Encryption patch follow-up 2017-10-11 16:54:48 -04:00
lz4.c Prefix zfs internal endian checks with _ZFS 2020-07-28 13:02:49 -07:00
lzjb.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
Makefile.in Distributed Spare (dRAID) Feature 2020-11-13 13:51:51 -08:00
metaslab.c Add comment on metaslab_class_throttle_reserve() locking 2021-09-14 13:09:40 -07:00
mmp.c Optimize small random numbers generation 2021-09-14 12:10:17 -07:00
multilist.c Optimize small random numbers generation 2021-09-14 12:10:17 -07:00
objlist.c Implement Redacted Send/Receive 2019-06-19 09:48:12 -07:00
pathname.c Replace ZFS on Linux references with OpenZFS 2020-10-08 20:10:13 -07:00
range_tree.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
refcount.c Use more atomics in refcounts 2021-09-14 14:31:01 -07:00
rrwlock.c Rename refcount.h to zfs_refcount.h 2020-07-29 16:35:33 -07:00
sa.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
sha256.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
skein_zfs.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
spa_boot.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
spa_checkpoint.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
spa_config.c Cleaning up uio headers 2021-02-20 20:16:50 -08:00
spa_errlog.c Fix typos in module/zfs/ 2019-09-02 17:56:41 -07:00
spa_history.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
spa_log_spacemap.c Balance parentheses in parameter descriptions 2021-04-14 13:23:07 -07:00
spa_misc.c Fix unfortunate NULL in spa_update_dspace 2021-09-14 12:41:10 -07:00
spa_stats.c Remove pool io kstats 2021-06-10 10:50:16 -07:00
spa.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
space_map.c Optimize small random numbers generation 2021-09-14 12:10:17 -07:00
space_reftree.c Reduce loaded range tree memory usage 2019-10-09 10:36:03 -07:00
THIRDPARTYLICENSE.cityhash OpenZFS 8484 - Implement aggregate sum and use for arc counters 2018-06-06 09:35:59 -07:00
THIRDPARTYLICENSE.cityhash.descrip OpenZFS 8484 - Implement aggregate sum and use for arc counters 2018-06-06 09:35:59 -07:00
txg.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
uberblock.c MMP interval and fail_intervals in uberblock 2019-03-21 12:47:57 -07:00
unique.c Reduce loaded range tree memory usage 2019-10-09 10:36:03 -07:00
vdev_cache.c Replace ASSERTV macro with compiler annotation 2019-12-05 12:37:00 -08:00
vdev_draid_rand.c Distributed Spare (dRAID) Feature 2020-11-13 13:51:51 -08:00
vdev_draid.c Verify dRAID empty sectors 2022-02-03 15:28:01 -08:00
vdev_indirect_births.c Fixes: #8934 Large kmem_alloc 2019-07-10 15:54:49 -07:00
vdev_indirect_mapping.c Replace ASSERTV macro with compiler annotation 2019-12-05 12:37:00 -08:00
vdev_indirect.c Run arc_evict thread at higher priority 2021-09-14 14:30:13 -07:00
vdev_initialize.c Cancel TRIM / initialize on FAULTED non-writeable vdevs 2021-03-02 10:27:27 -08:00
vdev_label.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
vdev_mirror.c Optimize small random numbers generation 2021-09-14 12:10:17 -07:00
vdev_missing.c Distributed Spare (dRAID) Feature 2020-11-13 13:51:51 -08:00
vdev_queue.c Avoid vq_lock drop in vdev_queue_aggregate() 2021-09-14 14:31:22 -07:00
vdev_raidz_math_aarch64_neon_common.h FreeBSD: fix the build with Clang 11 2020-08-17 15:40:17 -07:00
vdev_raidz_math_aarch64_neon.c Linux 5.0 compat: SIMD compatibility 2019-07-12 09:31:20 -07:00
vdev_raidz_math_aarch64_neonx2.c Linux 5.0 compat: SIMD compatibility 2019-07-12 09:31:20 -07:00
vdev_raidz_math_avx2.c FreeBSD: fix the build with Clang 11 2020-08-17 15:40:17 -07:00
vdev_raidz_math_avx512bw.c Refactor ccompile.h to not include system headers 2020-07-25 20:09:50 -07:00
vdev_raidz_math_avx512f.c FreeBSD: fix the build with Clang 11 2020-08-17 15:40:17 -07:00
vdev_raidz_math_impl.h Distributed Spare (dRAID) Feature 2020-11-13 13:51:51 -08:00
vdev_raidz_math_powerpc_altivec_common.h FreeBSD: fix the build with Clang 11 2020-08-17 15:40:17 -07:00
vdev_raidz_math_powerpc_altivec.c Prefix zfs internal endian checks with _ZFS 2020-07-28 13:02:49 -07:00
vdev_raidz_math_scalar.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
vdev_raidz_math_sse2.c FreeBSD: fix the build with Clang 11 2020-08-17 15:40:17 -07:00
vdev_raidz_math_ssse3.c Refactor ccompile.h to not include system headers 2020-07-25 20:09:50 -07:00
vdev_raidz_math.c Initialize parity blocks before RAID-Z reconstruction benchmarking 2021-09-14 14:32:16 -07:00
vdev_raidz.c Verify dRAID empty sectors 2022-02-03 15:28:01 -08:00
vdev_rebuild.c Use dsl_scan_setup_check() to setup a scrub 2021-04-14 13:19:49 -07:00
vdev_removal.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
vdev_root.c Distributed Spare (dRAID) Feature 2020-11-13 13:51:51 -08:00
vdev_trim.c Cancel TRIM / initialize on FAULTED non-writeable vdevs 2021-03-02 10:27:27 -08:00
vdev.c Rescan enclosure sysfs path on import 2021-11-02 16:31:05 -07:00
zap_leaf.c Refactor dnode dirty context from dbuf_dirty 2020-02-26 16:09:17 -08:00
zap_micro.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
zap.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
zcp_get.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
zcp_global.c OpenZFS 8600 - ZFS channel programs - snapshot 2018-02-08 15:29:24 -08:00
zcp_iter.c Fix typos in module/zfs/ 2019-09-02 17:56:41 -07:00
zcp_set.c Support setting user properties in a channel program 2020-02-14 13:41:42 -08:00
zcp_synctask.c A few fixes of callback typecasting (for the upcoming ClangCFI) 2021-09-14 12:39:48 -07:00
zcp.c Annotated dprintf as printf-like 2021-06-24 13:12:36 -07:00
zfeature.c Throw const on some strings 2020-10-02 17:44:10 -07:00
zfs_byteswap.c Mark functions as static 2020-06-18 12:20:38 -07:00
zfs_fm.c Upstream: Add snapshot and zvol events 2022-02-10 11:04:06 -08:00
zfs_fuid.c Fix regression in POSIX mode behavior 2021-03-19 22:50:46 -07:00
zfs_ioctl.c file reference counts can get corrupted 2021-09-14 12:37:38 -07:00
zfs_log.c Initialize all fields in zfs_log_xvattr() 2021-09-14 12:42:21 -07:00
zfs_onexit.c file reference counts can get corrupted 2021-09-14 12:37:38 -07:00
zfs_quota.c File incorrectly zeroed when receiving incremental stream that toggles -L 2020-06-09 10:41:01 -07:00
zfs_ratelimit.c Change checksum & IO delay ratelimit values 2018-03-04 17:34:51 -08:00
zfs_replay.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
zfs_rlock.c Add a "try" operation for range locks 2020-07-06 11:53:31 -07:00
zfs_sa.c Extending FreeBSD UIO Struct 2021-01-20 21:27:30 -08:00
zfs_vnops.c Fix clearing set-uid and set-gid bits on a file when replying a write 2022-02-16 17:58:55 -08:00
zil.c Fixed data integrity issue when underlying disk returns error 2021-09-14 15:45:30 -07:00
zio_checksum.c Mark functions as static 2020-06-18 12:20:38 -07:00
zio_compress.c Use fallthrough macro 2021-11-02 09:50:30 -07:00
zio_inject.c Optimize small random numbers generation 2021-09-14 12:10:17 -07:00
zio.c Verify embedded blkptr's in arc_read() 2021-09-14 15:43:18 -07:00
zle.c Add include files for prototypes 2020-06-18 12:21:25 -07:00
zrlock.c Remove dead code 2020-06-18 12:21:18 -07:00
zthr.c Avoid memory allocations in the ARC eviction thread 2022-02-03 15:30:52 -08:00
zvol.c Linux 5.13 compat: retry zvol_open() when contended 2021-12-06 12:22:57 -08:00