From d306d74a60e6d2c79aa4e9a840f3fc12ee8461bc Mon Sep 17 00:00:00 2001
From: Patrick Donnelly <pdonnell@redhat.com>
Date: Wed, 16 Aug 2017 09:52:36 -0700
Subject: [PATCH] cephfs: clear suid/sgid if regular file is exe

According to [1], the suid/sgid should be cleared if any of the executable bits
are set.

Found this while experimenting for [2].

[1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chown.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1480182

Fixes: http://tracker.ceph.com/issues/21004

Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
---
 src/client/Client.cc | 6 ++----
 src/mds/Server.cc    | 7 +++----
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/src/client/Client.cc b/src/client/Client.cc
index c23f101177026..6ee1396ec7b32 100644
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -6698,11 +6698,9 @@ int Client::_do_setattr(Inode *in, struct ceph_statx *stx, int mask,
       mark_caps_dirty(in, CEPH_CAP_AUTH_EXCL);
       mask &= ~CEPH_SETATTR_MODE;
       ldout(cct,10) << "changing mode to " << stx->stx_mode << dendl;
-    } else if (kill_sguid && S_ISREG(in->mode)) {
+    } else if (kill_sguid && S_ISREG(in->mode) && (in->mode & (S_IXUSR|S_IXGRP|S_IXOTH))) {
       /* Must squash the any setuid/setgid bits with an ownership change */
-      in->mode &= ~S_ISUID;
-      if ((in->mode & (S_ISGID|S_IXGRP)) == (S_ISGID|S_IXGRP))
-	in->mode &= ~S_ISGID;
+      in->mode &= ~(S_ISUID|S_ISGID);
       mark_caps_dirty(in, CEPH_CAP_AUTH_EXCL);
     }
 
diff --git a/src/mds/Server.cc b/src/mds/Server.cc
index 952df343995ea..19cc45ced7d5c 100644
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -4068,10 +4068,9 @@ void Server::handle_client_setattr(MDRequestRef& mdr)
   if (mask & CEPH_SETATTR_MODE)
     pi->mode = (pi->mode & ~07777) | (req->head.args.setattr.mode & 07777);
   else if ((mask & (CEPH_SETATTR_UID|CEPH_SETATTR_GID|CEPH_SETATTR_KILL_SGUID)) &&
-	    S_ISREG(pi->mode)) {
-    pi->mode &= ~S_ISUID;
-    if ((pi->mode & (S_ISGID|S_IXGRP)) == (S_ISGID|S_IXGRP))
-      pi->mode &= ~S_ISGID;
+	    S_ISREG(pi->mode) &&
+            (pi->mode & (S_IXUSR|S_IXGRP|S_IXOTH))) {
+    pi->mode &= ~(S_ISUID|S_ISGID);
   }
 
   if (mask & CEPH_SETATTR_MTIME)
-- 
2.39.5