[Sorry if this killed thread. My ISP seems to be stopping email server
now. I've read this email from web archive.]
@@ -2711,12 +2711,17 @@ static int selinux_inode_permission(struSo if I read this correctly, (ATTR_FORCE| ATTR_KILL_SUID|ATTR_MODE) will not return here, since 'ia_valid' will be ATTR_FORCE finally.
static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
{
const struct cred *cred = current_cred();
+ unsigned int ia_valid = iattr->ia_valid;
- if (iattr->ia_valid & ATTR_FORCE)
- return 0;
+ /* ATTR_FORCE is just used for ATTR_KILL_S[UG]ID. */
+ if (ia_valid & ATTR_FORCE) {
+ ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_MODE);
+ if (!ia_valid)
+ return 0;
I think you forgot to clear ATTR_FORCE here...
Whoops, good catch. Fortunately, it doesn't seem to have actual problem,
but it's bug obviously, and sorry for that. Fixed patch was attached.