From patchwork Tue Apr 7 14:22:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Max Kellermann X-Patchwork-Id: 228132 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.7 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 64733C2BA2B for ; Tue, 7 Apr 2020 14:31:26 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 38CED2072A for ; Tue, 7 Apr 2020 14:31:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729108AbgDGObZ (ORCPT ); Tue, 7 Apr 2020 10:31:25 -0400 Received: from nibbler.cm4all.net ([82.165.145.151]:47577 "EHLO nibbler.cm4all.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728573AbgDGObZ (ORCPT ); Tue, 7 Apr 2020 10:31:25 -0400 X-Greylist: delayed 496 seconds by postgrey-1.27 at vger.kernel.org; Tue, 07 Apr 2020 10:31:24 EDT Received: from localhost (localhost [127.0.0.1]) by nibbler.cm4all.net (Postfix) with ESMTP id 9D533C00E8 for ; Tue, 7 Apr 2020 16:23:05 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at nibbler.cm4all.net Received: from nibbler.cm4all.net ([127.0.0.1]) by localhost (nibbler.cm4all.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 6ZHPjxeilZVm for ; Tue, 7 Apr 2020 16:23:05 +0200 (CEST) Received: from zero.intern.cm-ag (zero.intern.cm-ag [172.30.16.10]) by nibbler.cm4all.net (Postfix) with SMTP id 715F2C0158 for ; Tue, 7 Apr 2020 16:23:05 +0200 (CEST) Received: (qmail 19653 invoked from network); 7 Apr 2020 17:35:18 +0200 Received: from unknown (HELO rabbit.intern.cm-ag) (172.30.3.1) by zero.intern.cm-ag with SMTP; 7 Apr 2020 17:35:18 +0200 Received: by rabbit.intern.cm-ag (Postfix, from userid 1023) id 3558B46143D; Tue, 7 Apr 2020 16:23:05 +0200 (CEST) From: Max Kellermann To: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, trond.myklebust@hammerspace.com Cc: bfields@redhat.com, tytso@mit.edu, viro@zeniv.linux.org.uk, agruenba@redhat.com, linux-kernel@vger.kernel.org, Max Kellermann , stable@vger.kernel.org Subject: [PATCH v3 1/4] fs/posix_acl: apply umask if superblock disables ACL support Date: Tue, 7 Apr 2020 16:22:40 +0200 Message-Id: <20200407142243.2032-1-mk@cm4all.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org The function posix_acl_create() applies the umask only if the inode has no ACL (= NULL) or if ACLs are not supported by the filesystem driver (= -EOPNOTSUPP). However, this happens only after after the IS_POSIXACL() check succeeded. If the superblock doesn't enable ACL support, umask will never be applied. A filesystem which has no ACL support will of course not enable SB_POSIXACL, rendering the umask-applying code path unreachable. This fixes a bug which causes the umask to be ignored with O_TMPFILE on tmpfs: https://github.com/MusicPlayerDaemon/MPD/issues/558 https://bugs.gentoo.org/show_bug.cgi?id=686142#c3 https://bugzilla.kernel.org/show_bug.cgi?id=203625 Signed-off-by: Max Kellermann Reviewed-by: J. Bruce Fields Cc: stable@vger.kernel.org --- fs/posix_acl.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/posix_acl.c b/fs/posix_acl.c index 249672bf54fe..e5e7a2295b99 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -589,9 +589,14 @@ posix_acl_create(struct inode *dir, umode_t *mode, *acl = NULL; *default_acl = NULL; - if (S_ISLNK(*mode) || !IS_POSIXACL(dir)) + if (S_ISLNK(*mode)) return 0; + if (!IS_POSIXACL(dir)) { + *mode &= ~current_umask(); + return 0; + } + p = get_acl(dir, ACL_TYPE_DEFAULT); if (!p || p == ERR_PTR(-EOPNOTSUPP)) { *mode &= ~current_umask();