Re: [PATCH 6.1 00/15] 6.1.48-rc1 review

From: Harshit Mogalapalli
Date: Fri Aug 25 2023 - 03:17:09 EST


Hi,

On 25/08/23 12:35 pm, Naresh Kamboju wrote:
+ linux-nfs and more

On Thu, 24 Aug 2023 at 19:45, Greg Kroah-Hartman
<gregkh@xxxxxxxxxxxxxxxxxxx> wrote:

This is the start of the stable review cycle for the 6.1.48 release.
There are 15 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.

Responses should be made by Sat, 26 Aug 2023 14:14:28 +0000.
Anything received after that time might be too late.

The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.1.48-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.1.y
and the diffstat can be found below.

thanks,

greg k-h


Following test regression found on stable-rc 6.1.
Rpi4 is using NFS mount rootfs and running LTP syscalls testing.
chown02 tests creating testfile2 on NFS mounted and validating
the functionality and found that it was a failure.

This is already been reported by others on lore and fix patch merged
into stable-rc linux-6.4.y [1] and [2].

Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx>

Test log:
--------
chown02.c:46: TPASS: chown(testfile1, 0, 0) passed
chown02.c:46: TPASS: chown(testfile2, 0, 0) passed
chown02.c:58: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700

fchown02.c:57: TPASS: fchown(3, 0, 0) passed
fchown02.c:57: TPASS: fchown(4, 0, 0) passed
fchown02.c:67: TFAIL: testfile2: wrong mode permissions 0100700,
expected 0102700


Note:
These both test cases are failing in 5.15.128 as well.


## Build
* kernel: 6.1.48-rc1
* git: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc
* git branch: linux-6.1.y
* git commit: c079d0dd788ad4fe887ee6349fe89d23d72f7696
* git describe: v6.1.47-16-gc079d0dd788a
* test details:
https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-6.1.y/build/v6.1.47-16-gc079d0dd788a

## Test Regressions (compared to v6.1.46)
* bcm2711-rpi-4-b, ltp-syscalls
- chown02
- fchown02

* bcm2711-rpi-4-b-64k_page_size, ltp-syscalls
- chown02
- fchown02

* bcm2711-rpi-4-b-clang, ltp-syscalls
- chown02
- fchown02




Do we need the following patch into stable-rc linux-6.1.y ?

I see from mailing thread discussion, says that

the above commit is backported to LTS kernels -- 5.10.y,5.15.y and 6.1.y.


----

nfsd: use vfs setgid helper
commit 2d8ae8c417db284f598dffb178cc01e7db0f1821 upstream.

We've aligned setgid behavior over multiple kernel releases. The details
can be found in commit cf619f891971 ("Merge tag 'fs.ovl.setgid.v6.2' of
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping") and
commit 426b4ca2d6a5 ("Merge tag 'fs.setgid.v6.0' of
git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux").
Consistent setgid stripping behavior is now encapsulated in the
setattr_should_drop_sgid() helper which is used by all filesystems that
strip setgid bits outside of vfs proper. Usually ATTR_KILL_SGID is
raised in e.g., chown_common() and is subject to the
setattr_should_drop_sgid() check to determine whether the setgid bit can
be retained. Since nfsd is raising ATTR_KILL_SGID unconditionally it
will cause notify_change() to strip it even if the caller had the
necessary privileges to retain it. Ensure that nfsd only raises
ATR_KILL_SGID if the caller lacks the necessary privileges to retain the
setgid bit.

Without this patch the setgid stripping tests in LTP will fail:

As you can see, the problem is S_ISGID (0002000) was dropped on a
non-group-executable file while chown was invoked by super-user, while

[...]

fchown02.c:66: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700

[...]

chown02.c:57: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700

With this patch all tests pass.

Reported-by: Sherry Yang <sherry.yang@xxxxxxxxxx>
Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>


[1] https://lore.kernel.org/linux-nfs/20230502-agenda-regeln-04d2573bd0fd@brauner/
[2] https://lore.kernel.org/all/202210091600.dbe52cbf-yujie.liu@xxxxxxxxx/
--
Linaro LKFT
https://lkft.linaro.org