| Message ID | 1650020543-24908-2-git-send-email-xuyang2018.jy@fujitsu.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3,1/7] fs/inode: move sgid strip operation from inode_init_owner into inode_sgid_strip | expand |
On Fri, Apr 15, 2022 at 07:02:18PM +0800, Yang Xu wrote: > If underflying filesystem doesn't enable own CONFIG_FS_POSIX_ACL, then > posix_acl_create can't be called. So we will miss umask strip, ie > use ext4 with noacl or disblae CONFIG_EXT4_FS_POSIX_ACL. Hm, maybe: "All creation paths except for O_TMPFILE handle umask in the vfs directly if the filesystem doesn't support or enable POSIX ACLs. If the filesystem does then umask handling is deferred until posix_acl_create(). Because, O_TMPFILE misses umask handling in the vfs it will not honor umask settings. Fix this by adding the missing umask handling." > > Reported-by: Christian Brauner (Microsoft) <brauner@kernel.org> > Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com> > --- Acked-by: Christian Brauner (Microsoft) <brauner@kernel.org> > fs/namei.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/namei.c b/fs/namei.c > index 3f1829b3ab5b..bbc7c950bbdc 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns, > child = d_alloc(dentry, &slash_name); > if (unlikely(!child)) > goto out_err; > + if (!IS_POSIXACL(dir)) > + mode &= ~current_umask(); > error = dir->i_op->tmpfile(mnt_userns, dir, child, mode); > if (error) > goto out_err; > -- > 2.27.0 >
on 2022/4/15 22:17, Christian Brauner wrote: > On Fri, Apr 15, 2022 at 07:02:18PM +0800, Yang Xu wrote: >> If underflying filesystem doesn't enable own CONFIG_FS_POSIX_ACL, then >> posix_acl_create can't be called. So we will miss umask strip, ie >> use ext4 with noacl or disblae CONFIG_EXT4_FS_POSIX_ACL. > > Hm, maybe: > > "All creation paths except for O_TMPFILE handle umask in the vfs > directly if the filesystem doesn't support or enable POSIX ACLs. If the > filesystem does then umask handling is deferred until > posix_acl_create(). > Because, O_TMPFILE misses umask handling in the vfs it will not honor > umask settings. Fix this by adding the missing umask handling." OK, will do it on v4. Best Regards Yang Xu > >> >> Reported-by: Christian Brauner (Microsoft)<brauner@kernel.org> >> Signed-off-by: Yang Xu<xuyang2018.jy@fujitsu.com> >> --- > > Acked-by: Christian Brauner (Microsoft)<brauner@kernel.org> > >> fs/namei.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/fs/namei.c b/fs/namei.c >> index 3f1829b3ab5b..bbc7c950bbdc 100644 >> --- a/fs/namei.c >> +++ b/fs/namei.c >> @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns, >> child = d_alloc(dentry,&slash_name); >> if (unlikely(!child)) >> goto out_err; >> + if (!IS_POSIXACL(dir)) >> + mode&= ~current_umask(); >> error = dir->i_op->tmpfile(mnt_userns, dir, child, mode); >> if (error) >> goto out_err; >> -- >> 2.27.0 >>
diff --git a/fs/namei.c b/fs/namei.c index 3f1829b3ab5b..bbc7c950bbdc 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns, child = d_alloc(dentry, &slash_name); if (unlikely(!child)) goto out_err; + if (!IS_POSIXACL(dir)) + mode &= ~current_umask(); error = dir->i_op->tmpfile(mnt_userns, dir, child, mode); if (error) goto out_err;
If underflying filesystem doesn't enable own CONFIG_FS_POSIX_ACL, then posix_acl_create can't be called. So we will miss umask strip, ie use ext4 with noacl or disblae CONFIG_EXT4_FS_POSIX_ACL. Reported-by: Christian Brauner (Microsoft) <brauner@kernel.org> Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com> --- fs/namei.c | 2 ++ 1 file changed, 2 insertions(+)