Date: Fri, 01 May 2026 11:59:21 +0000 From: Pouria Mousavizadeh Tehrani <pouria@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Ricardo Branco <rbranco@suse.de> Subject: git: f4ae41b7ea5e - main - linux: Implement setfsuid(2) and setfsgid(2) as no-ops Message-ID: <69f49599.367fe.30c6d2d9@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by pouria: URL: https://cgit.FreeBSD.org/src/commit/?id=f4ae41b7ea5efb8381a5df234b3f5e1f7569f9b0 commit f4ae41b7ea5efb8381a5df234b3f5e1f7569f9b0 Author: Ricardo Branco <rbranco@suse.de> AuthorDate: 2026-04-29 18:27:22 +0000 Commit: Pouria Mousavizadeh Tehrani <pouria@FreeBSD.org> CommitDate: 2026-05-01 11:52:37 +0000 linux: Implement setfsuid(2) and setfsgid(2) as no-ops These system calls exist to decouple the Linux filesystem credentials from the effective credentials, avoiding signal exposure during privilege transitions. The signal permission model that motivated this was revised in Linux 2.0, making these syscalls obsolete for new applications. Implement both syscalls as no-ops that return the current effective UID/GID as the previous filesystem UID/GID. Linux returns the previous filesystem UID/GID for these syscalls with no error indication. Same for the equivalent setfsuid16() & setfsgid16() system calls. Signed-off-by: Ricardo Branco <rbranco@suse.de> PR: 294879 Reviewed by: kib, pouria Pull-Request: https://github.com/freebsd/freebsd-src/pull/2175 --- sys/compat/linux/linux_dummy.c | 2 -- sys/compat/linux/linux_misc.c | 26 ++++++++++++++++++++++++++ sys/compat/linux/linux_uid16.c | 16 ++++++++++++++-- 3 files changed, 40 insertions(+), 4 deletions(-) diff --git a/sys/compat/linux/linux_dummy.c b/sys/compat/linux/linux_dummy.c index dfabf33eb8a6..971e070e90aa 100644 --- a/sys/compat/linux/linux_dummy.c +++ b/sys/compat/linux/linux_dummy.c @@ -56,8 +56,6 @@ UNIMPLEMENTED(query_module); /* Added in Linux 2.2 removed in 2.6. */ UNIMPLEMENTED(security); UNIMPLEMENTED(vserver); -DUMMY(setfsuid); -DUMMY(setfsgid); DUMMY(vhangup); DUMMY(pivot_root); DUMMY(adjtimex); diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c index 4c8ad669f03c..f89758f41ba0 100644 --- a/sys/compat/linux/linux_misc.c +++ b/sys/compat/linux/linux_misc.c @@ -3179,4 +3179,30 @@ linux_membarrier(struct thread *td, struct linux_membarrier_args *args) return (0); } +/* + * setfsuid() & setfsgid() exist to decouple the Linux filesystem credentials + * from the effective credentials, avoiding signal exposure during privilege + * transitions. The signal permission model that motivated this was revised in + * Linux 2.0, making these syscalls obsolete for new applications. + * + * As there's no FreeBSD equivalent, implement both syscalls as no-ops that + * return the current effective UID/GID as the previous filesystem UID/GID. + * Linux returns the previous filesystem UID/GID for these syscalls, with no + * error indication. + */ + +int +linux_setfsuid(struct thread *td, struct linux_setfsuid_args *args) +{ + td->td_retval[0] = td->td_ucred->cr_uid; + return (0); +} + +int +linux_setfsgid(struct thread *td, struct linux_setfsgid_args *args) +{ + td->td_retval[0] = td->td_ucred->cr_gid; + return (0); +} + MODULE_DEPEND(linux, mqueuefs, 1, 1, 1); diff --git a/sys/compat/linux/linux_uid16.c b/sys/compat/linux/linux_uid16.c index 8ac093e004d0..16866c374aa2 100644 --- a/sys/compat/linux/linux_uid16.c +++ b/sys/compat/linux/linux_uid16.c @@ -59,8 +59,6 @@ LIN_SDT_PROBE_DEFINE1(uid16, linux_setgroups16, copyin_error, "int"); LIN_SDT_PROBE_DEFINE1(uid16, linux_setgroups16, priv_check_cred_error, "int"); LIN_SDT_PROBE_DEFINE1(uid16, linux_getgroups16, copyout_error, "int"); -DUMMY(setfsuid16); -DUMMY(setfsgid16); DUMMY(getresuid16); DUMMY(getresgid16); @@ -284,3 +282,17 @@ linux_setresuid16(struct thread *td, struct linux_setresuid16_args *args) return (error); } + +int +linux_setfsuid16(struct thread *td, struct linux_setfsuid16_args *args) +{ + td->td_retval[0] = td->td_ucred->cr_uid; + return (0); +} + +int +linux_setfsgid16(struct thread *td, struct linux_setfsgid16_args *args) +{ + td->td_retval[0] = td->td_ucred->cr_gid; + return (0); +}home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69f49599.367fe.30c6d2d9>