diff options
| author |   Christian Brauner <brauner@kernel.org> | 2022-10-17 17:06:34 +0200 |
|---|---|---|
| committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-10-18 10:09:43 +0200 |
| commit | 11c2a8700cdcabf9b639b7204a1e38e2a0b6798e (patch) | |
| tree | f98a38095132d6d55b9f718ad07d3a3824998bdd /fs/internal.h | |
| parent | Linux 6.1-rc1 (diff) | |
| download | wireguard-linux-11c2a8700cdcabf9b639b7204a1e38e2a0b6798e.tar.xz wireguard-linux-11c2a8700cdcabf9b639b7204a1e38e2a0b6798e.zip | |
attr: add in_group_or_capable()
In setattr_{copy,prepare}() we need to perform the same permission
checks to determine whether we need to drop the setgid bit or not.
Instead of open-coding it twice add a simple helper the encapsulates the
logic. We will reuse this helpers to make dropping the setgid bit during
write operations more consistent in a follow up patch.
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Diffstat (limited to 'fs/internal.h')
| -rw-r--r-- | fs/internal.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/internal.h b/fs/internal.h index 6f0386b34fae..1de39bbc9ddd 100644 --- a/fs/internal.h +++ b/fs/internal.h @@ -151,6 +151,8 @@ extern int vfs_open(const struct path *, struct file *); */ extern long prune_icache_sb(struct super_block *sb, struct shrink_control *sc); extern int dentry_needs_remove_privs(struct dentry *dentry); +bool in_group_or_capable(struct user_namespace *mnt_userns, + const struct inode *inode, vfsgid_t vfsgid); /* * fs-writeback.c |