From patchwork Tue Sep 19 08:18:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Max Kellermann X-Patchwork-Id: 142341 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp4030880vqi; Wed, 20 Sep 2023 03:35:06 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE5SFjO0jKJJOrIfgERgUI6FWAUfbN/Yfx3elbn2VReLXB6cph9qYMdopmPIXa6sIZ9hj2s X-Received: by 2002:a05:6a21:3296:b0:13d:2f80:cf1c with SMTP id yt22-20020a056a21329600b0013d2f80cf1cmr2378421pzb.17.1695206105731; Wed, 20 Sep 2023 03:35:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695206105; cv=none; d=google.com; s=arc-20160816; b=TImsTBr2X50oYnKtmqtoqf12/Db/Q6IHTaT0Gbxcrpb48LZFb80Ud1m5WSWsVUlu3C a1r50+Lcuy6+DvCOi1vDP/L4pdzMMAj5kPCTVL0PMKbTj+T8CKDKeN/CmmuHBRkB+IMM R0pCSrslcMmvzkWdQSE16U/1leksIgMIgHlgLQXbhKWObB2m+Gh9HD5ypOvjUBkcsfeI DEd8a0MsGiU3ujaPBNt+hNtPva48F5O+3DHJB0NF/V+qXxhGFEeN6Po0HlP9TuHDvUwa 2Xepjp9svIanRMchmgJvpcTDo+qMasAVhIOqfJc6Ue368SJWBVkJmX7JjllvDCZl4DfY AWvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=1gAr+spSxhyFbhqTlLTsUHb79LCXE+R6cPkLBxMk/S0=; fh=Y5m8cZBD1nXML9yxcT/gQflJLL7iOjtwYskCaiGb3Ns=; b=TN4nZDHsf7gn4i6Yn3XHbpiHwXHvq7IaBDVd6+SNochoQBooBRmXENGHt9nU/g/qKJ gsyOOjiMGm36TsSJ287NBx1T/E/mcpx7vDMrOShXMYw2rPYOoPmYptrRq5e71zWIZsfk 3MWSGTuhZgcwxaDnqNG5IeJHaECHzViFSeg4irE/W+n2olYBkPpEJJ+oLHBFeY2CDXGo JVLuMZUP4IYPt7VbkQRdO4yocJgPhWey9g7pNXEB1Ezn/vzXmpwhCH1MmJNG/65SeFcK 8MqYsigRERh4qjLrEYLtOpLCex6VjX1EpLDuGyrT8HM13hmSwU4O8jQd3hnqV9CXUjIq pIXw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ionos.com header.s=google header.b=a6Px7MKb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ionos.com Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id a9-20020a63d209000000b0056a77ae0b55si11448879pgg.458.2023.09.20.03.35.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Sep 2023 03:35:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@ionos.com header.s=google header.b=a6Px7MKb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ionos.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id F1A9B8029895; Tue, 19 Sep 2023 01:18:48 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230354AbjISISX (ORCPT + 26 others); Tue, 19 Sep 2023 04:18:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58826 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229772AbjISISW (ORCPT ); Tue, 19 Sep 2023 04:18:22 -0400 Received: from mail-wm1-x32d.google.com (mail-wm1-x32d.google.com [IPv6:2a00:1450:4864:20::32d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DBB7A119 for ; Tue, 19 Sep 2023 01:18:16 -0700 (PDT) Received: by mail-wm1-x32d.google.com with SMTP id 5b1f17b1804b1-40472f9db24so54057865e9.2 for ; Tue, 19 Sep 2023 01:18:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ionos.com; s=google; t=1695111495; x=1695716295; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=1gAr+spSxhyFbhqTlLTsUHb79LCXE+R6cPkLBxMk/S0=; b=a6Px7MKbWj9XN89Vv2RGeM7Tcww6D+O+V6x+isuBPEM0nJtB4HOp+iN6RJj33H6srq qYIjfTpZPCqzy2+Xa8U6lCDzb1VhwT2QZN+08uOpRIAYt5N6dkzxMun7CpV4s3b6aAqu rmTbvGLJmIsE9z8DOuYTsfvo/J48WclbZuoNQKsnEsq/gP+zvxQSRpQckTJzel9fXROP x1Odydqt41yZpy+yPMog78EX6B+3Eh9IEL0DRZ4oLdEyzmCsAIT2GiaTzNLsuUqzH12Z 5bT1Ahvx8iBVzxJ+j910NVViwI3Z3kjYWzl4h9tRRUbgI7qWO1w1ZbyMl184+pk2i2dT aEaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695111495; x=1695716295; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1gAr+spSxhyFbhqTlLTsUHb79LCXE+R6cPkLBxMk/S0=; b=bGxOwJWOawYOqZuS1YjgUjSO/uAiyd19AtZT87LDylplu39qEN66tLIgGlR6Jy5vOa fph1IujM5nB00UvsxaIzgmFvkKVbC1KRLF3cTpliQpoXSXJRLYGlCCifqmPQC90IST/H E53KbPfvkGdXhFi2rpgFCcBB6jyvIODbENv1+DFk5d9/Yyxknl74TshxdmjtrOJrV+s5 /gIrRGReFTeOHLNOisb4km4pKYdxeMdlMDfNPhxubqENFjB7i8SxPPUQuXJzG/5D7AHj TRXxe2QlRqZ5hHPN3zR4wM5XImKc92Xajd/aBXKjRiI/iUQ1njI3TXa51kPar7zFuk2m sj6A== X-Gm-Message-State: AOJu0Yyzz68C1AzhvCPquPOh1PxZW8amMVyn1x9TmonvFL2PLDx0m4tp HF+e4mOnebWaDo4hVdQmkRC4TA== X-Received: by 2002:a7b:cd1a:0:b0:3fe:d630:f568 with SMTP id f26-20020a7bcd1a000000b003fed630f568mr8617755wmj.39.1695111495235; Tue, 19 Sep 2023 01:18:15 -0700 (PDT) Received: from heron.intern.cm-ag (p200300dc6f209c00529a4cfffe3dd983.dip0.t-ipconnect.de. [2003:dc:6f20:9c00:529a:4cff:fe3d:d983]) by smtp.gmail.com with ESMTPSA id e13-20020a05600c218d00b00402f745c5ffsm14451531wme.8.2023.09.19.01.18.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 01:18:14 -0700 (PDT) From: Max Kellermann To: Alexander Viro , Christian Brauner Cc: Max Kellermann , "J . Bruce Fields" , stable@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] fs/posix_acl: apply umask if superblock disables ACL support Date: Tue, 19 Sep 2023 10:18:07 +0200 Message-Id: <20230919081808.1096542-1-max.kellermann@ionos.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Tue, 19 Sep 2023 01:18:49 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777472793248156064 X-GMAIL-MSGID: 1777552437675366828 The function posix_acl_create() applies the umask only if the inode has no ACL (= NULL) or if ACLs are not supported by the filesystem driver (= -EOPNOTSUPP). However, this happens only after after the IS_POSIXACL() check succeeded. If the superblock doesn't enable ACL support, umask will never be applied. A filesystem which has no ACL support will of course not enable SB_POSIXACL, rendering the umask-applying code path unreachable. This fixes a bug which causes the umask to be ignored with O_TMPFILE on tmpfs: https://github.com/MusicPlayerDaemon/MPD/issues/558 https://bugs.gentoo.org/show_bug.cgi?id=686142#c3 https://bugzilla.kernel.org/show_bug.cgi?id=203625 Reviewed-by: J. Bruce Fields Cc: stable@vger.kernel.org Signed-off-by: Max Kellermann --- fs/posix_acl.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/posix_acl.c b/fs/posix_acl.c index a05fe94970ce..79831269dd2f 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -642,9 +642,14 @@ posix_acl_create(struct inode *dir, umode_t *mode, *acl = NULL; *default_acl = NULL; - if (S_ISLNK(*mode) || !IS_POSIXACL(dir)) + if (S_ISLNK(*mode)) return 0; + if (!IS_POSIXACL(dir)) { + *mode &= ~current_umask(); + return 0; + } + p = get_inode_acl(dir, ACL_TYPE_DEFAULT); if (!p || p == ERR_PTR(-EOPNOTSUPP)) { *mode &= ~current_umask();