From patchwork Tue Apr  7 14:22:40 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Max Kellermann <mk@cm4all.com>
X-Patchwork-Id: 228132
Return-Path: <SRS0=IdoU=5X=vger.kernel.org=stable-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
 aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-14.7 required=3.0
 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,
 MAILING_LIST_MULTI, 
 MENTIONS_GIT_HOSTING, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS,
 URIBL_BLOCKED, 
 USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
 by smtp.lore.kernel.org (Postfix) with ESMTP id 64733C2BA2B
 for <stable@archiver.kernel.org>;
 Tue,  7 Apr 2020 14:31:26 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
 by mail.kernel.org (Postfix) with ESMTP id 38CED2072A
 for <stable@archiver.kernel.org>;
 Tue,  7 Apr 2020 14:31:26 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1729108AbgDGObZ (ORCPT <rfc822;stable@archiver.kernel.org>);
 Tue, 7 Apr 2020 10:31:25 -0400
Received: from nibbler.cm4all.net ([82.165.145.151]:47577 "EHLO
 nibbler.cm4all.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S1728573AbgDGObZ (ORCPT
 <rfc822;stable@vger.kernel.org>); Tue, 7 Apr 2020 10:31:25 -0400
X-Greylist: delayed 496 seconds by postgrey-1.27 at vger.kernel.org;
 Tue, 07 Apr 2020 10:31:24 EDT
Received: from localhost (localhost [127.0.0.1])
 by nibbler.cm4all.net (Postfix) with ESMTP id 9D533C00E8
 for <stable@vger.kernel.org>; Tue,  7 Apr 2020 16:23:05 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at nibbler.cm4all.net
Received: from nibbler.cm4all.net ([127.0.0.1])
 by localhost (nibbler.cm4all.net [127.0.0.1]) (amavisd-new,
 port 10024) with LMTP id 6ZHPjxeilZVm for <stable@vger.kernel.org>;
 Tue,  7 Apr 2020 16:23:05 +0200 (CEST)
Received: from zero.intern.cm-ag (zero.intern.cm-ag [172.30.16.10])
 by nibbler.cm4all.net (Postfix) with SMTP id 715F2C0158
 for <stable@vger.kernel.org>; Tue,  7 Apr 2020 16:23:05 +0200 (CEST)
Received: (qmail 19653 invoked from network); 7 Apr 2020 17:35:18 +0200
Received: from unknown (HELO rabbit.intern.cm-ag) (172.30.3.1)
 by zero.intern.cm-ag with SMTP; 7 Apr 2020 17:35:18 +0200
Received: by rabbit.intern.cm-ag (Postfix, from userid 1023)
 id 3558B46143D; Tue,  7 Apr 2020 16:23:05 +0200 (CEST)
From: Max Kellermann <mk@cm4all.com>
To: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org,
 trond.myklebust@hammerspace.com
Cc: bfields@redhat.com, tytso@mit.edu, viro@zeniv.linux.org.uk,
 agruenba@redhat.com, linux-kernel@vger.kernel.org,
 Max Kellermann <mk@cm4all.com>, stable@vger.kernel.org
Subject: [PATCH v3 1/4] fs/posix_acl: apply umask if superblock disables ACL
 support
Date: Tue,  7 Apr 2020 16:22:40 +0200
Message-Id: <20200407142243.2032-1-mk@cm4all.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Sender: stable-owner@vger.kernel.org
Precedence: bulk
List-ID: <stable.vger.kernel.org>
X-Mailing-List: stable@vger.kernel.org

The function posix_acl_create() applies the umask only if the inode
has no ACL (= NULL) or if ACLs are not supported by the filesystem
driver (= -EOPNOTSUPP).

However, this happens only after after the IS_POSIXACL() check
succeeded.  If the superblock doesn't enable ACL support, umask will
never be applied.  A filesystem which has no ACL support will of
course not enable SB_POSIXACL, rendering the umask-applying code path
unreachable.

This fixes a bug which causes the umask to be ignored with O_TMPFILE
on tmpfs:

 https://github.com/MusicPlayerDaemon/MPD/issues/558
 https://bugs.gentoo.org/show_bug.cgi?id=686142#c3
 https://bugzilla.kernel.org/show_bug.cgi?id=203625

Signed-off-by: Max Kellermann <mk@cm4all.com>
Reviewed-by: J. Bruce Fields <bfields@redhat.com>
Cc: stable@vger.kernel.org
---
 fs/posix_acl.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 249672bf54fe..e5e7a2295b99 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -589,9 +589,14 @@ posix_acl_create(struct inode *dir, umode_t *mode,
 	*acl = NULL;
 	*default_acl = NULL;
 
-	if (S_ISLNK(*mode) || !IS_POSIXACL(dir))
+	if (S_ISLNK(*mode))
 		return 0;
 
+	if (!IS_POSIXACL(dir)) {
+		*mode &= ~current_umask();
+		return 0;
+	}
+
 	p = get_acl(dir, ACL_TYPE_DEFAULT);
 	if (!p || p == ERR_PTR(-EOPNOTSUPP)) {
 		*mode &= ~current_umask();