From fffe555aaa239aea6524ae1a2699dfe6bff1afbd Mon Sep 17 00:00:00 2001
From: Fengfei Xi <xi.fengfei@h3c.com>
Date: Thu, 7 Mar 2024 06:50:57 +0800
Subject: [PATCH] ceph: rely on vfs for setgid stripping

  mainline inclusion
  from mainline-5.19
  commit 5fadbd992996e9dda7ebcb62f5352866057bd619
  category: bugfix
  bugzilla: https://gitee.com/openeuler/kernel/issues/I940ST
  CVE: CVE-2018-13405

  --------------------------------

  commit 5fadbd992996e9dda7ebcb62f5352866057bd619 upstream.

  Now that we finished moving setgid stripping for regular files in setgid
  directories into the vfs, individual filesystem don't need to manually
  strip the setgid bit anymore. Drop the now unneeded code from ceph.

  Link: https://lore.kernel.org/r/1657779088-2242-4-git-send-email-xuyang2018.jy@fujitsu.com
  Reviewed-by: Xiubo Li <xiubli@redhat.com>
  Reviewed-by: Christian Brauner (Microsoft)<brauner@kernel.org>
  Reviewed-and-Tested-by: Jeff Layton <jlayton@kernel.org>
  Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com>
  Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
  Signed-off-by: Fengfei Xi <xi.fengfei@h3c.com>
---
 fs/ceph/file.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 943655e36a79..aa05b4a07e26 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -620,10 +620,6 @@ static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry,
 		/* Directories always inherit the setgid bit. */
 		if (S_ISDIR(mode))
 			mode |= S_ISGID;
-		else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
-			 !in_group_p(dir->i_gid) &&
-			 !capable_wrt_inode_uidgid(dir, CAP_FSETID))
-			mode &= ~S_ISGID;
 	} else {
 		in.gid = cpu_to_le32(from_kgid(&init_user_ns, current_fsgid()));
 	}
-- 
Gitee