client: switch to clear_suid_sgid for _write()

Currently the write will clear the suid/sgid always even the
privileged users are writing the file. This isn't consistent with
all the other existing filesystems in Linux.

Fixes: https://tracker.ceph.com/issues/58680
Signed-off-by: Xiubo Li <xiubli@redhat.com>
(cherry picked from commit dda31b831d4ff7c30742d1e22ec183ef2414179b)

diff --git a/src/client/Client.cc b/src/client/Client.cc
index c2b193562128d1028658cea5c4dcd995bec3f021..ee52e9a7b03e192b959d42de9b8a5a9a9d637064 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -10645,18 +10645,13 @@ int64_t Client::_write(Fh *f, int64_t offset, uint64_t size, const char *buf,
   if (r < 0)
     return r;
 
-  /* clear the setuid/setgid bits, if any */
-  if (unlikely(in->mode & (S_ISUID|S_ISGID)) && size > 0) {
-    struct ceph_statx stx = { 0 };
-
-    put_cap_ref(in, CEPH_CAP_AUTH_SHARED);
-    r = __setattrx(in, &stx, CEPH_SETATTR_KILL_SGUID, f->actor_perms);
+  put_cap_ref(in, CEPH_CAP_AUTH_SHARED);
+  if (size > 0) {
+    r = clear_suid_sgid(in, f->actor_perms);
     if (r < 0) {
       put_cap_ref(in, CEPH_CAP_FILE_WR);
       return r;
     }
-  } else {
-    put_cap_ref(in, CEPH_CAP_AUTH_SHARED);
   }
 
   if (f->flags & O_DIRECT)