Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4438865ybb; Tue, 7 Apr 2020 07:32:42 -0700 (PDT) X-Google-Smtp-Source: APiQypIQc4k8q+4Tja6A0uIoJNh8uuu5RNcSL6rsIEkVVbeUWxkeRUtA2Rb8OW0zCy5LaJi+EZlm X-Received: by 2002:a9d:6d04:: with SMTP id o4mr1806404otp.101.1586269961856; Tue, 07 Apr 2020 07:32:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586269961; cv=none; d=google.com; s=arc-20160816; b=oQD104VoV1tAe1xeV0dpH1zJ9vHl8W48CVRS053FyKzM8qbKQ0ybKyRHt0qgyCTNlv lrtCVyV+rHy2q2fkvez5ZTgrnDgXg4tm789wuMbwDvpxe6O+FZuNFU+z9g9bcwSvElgN dA5oQvEMXvc577iWTmzoTogT0qr1x7Q1ML5c3dV5vitb0IjrDCezg4NulfCdAUb46r+5 5A0Br14YyQuMC77eIdcJMBb2gfX1GJCKbjFEO7NNO3eWa8dw+KGrBiAtuuFvRBUrY/Kq PkurpeBX45Ujhg0UWCGSmzi2mjUDSVJCIryBNy0J47cIPebKUZPuPGVoZ/xCToyYdQLb 4rpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=qSaFXAMX7+ysvGdd5rQPLXfyF+T6lsK+BF4T3/AwAac=; b=I6wvJc4wXt8g973d7P+7K1TV9KOkbuCDC6ZG+ojDPJ2CN5YvX7ciuFvOVREl6HTAyP Fdy/fhxsUzDcpYiNyhXHsLrQBqbVxQUB38YWOv/L/+wTu8VN2/f5zvU0peeLL0/809aj K66CNYgMHif13c4IRsDfxRjuq7HV2nGSVyXe49Drfo+BViqIqs/OLjjAjkZovKkG1Vvt SqSwRecUnwyVwugPk3ukJgMNPcVrKLdv9xggsarFv6ugkv05qL+qSzO46vPGcZOwPxG5 dF6HUtOd0CBh3gqI+MqF9mYKInf4duaTiHCvHpGPFYyA8L4Dw/yfmOp5klOVq0+NWdvm Ec3g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 6si1366306otv.76.2020.04.07.07.32.28; Tue, 07 Apr 2020 07:32:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729211AbgDGOb2 (ORCPT + 99 others); Tue, 7 Apr 2020 10:31:28 -0400 Received: from nibbler.cm4all.net ([82.165.145.151]:47598 "EHLO nibbler.cm4all.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729145AbgDGOb1 (ORCPT ); Tue, 7 Apr 2020 10:31:27 -0400 Received: from localhost (localhost [127.0.0.1]) by nibbler.cm4all.net (Postfix) with ESMTP id DFEB1C020D for ; Tue, 7 Apr 2020 16:23:08 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at nibbler.cm4all.net Received: from nibbler.cm4all.net ([127.0.0.1]) by localhost (nibbler.cm4all.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 1LJ_2-oVVuvU for ; Tue, 7 Apr 2020 16:23:08 +0200 (CEST) Received: from zero.intern.cm-ag (zero.intern.cm-ag [172.30.16.10]) by nibbler.cm4all.net (Postfix) with SMTP id 9F729C021E for ; Tue, 7 Apr 2020 16:23:08 +0200 (CEST) Received: (qmail 19689 invoked from network); 7 Apr 2020 17:35:21 +0200 Received: from unknown (HELO rabbit.intern.cm-ag) (172.30.3.1) by zero.intern.cm-ag with SMTP; 7 Apr 2020 17:35:21 +0200 Received: by rabbit.intern.cm-ag (Postfix, from userid 1023) id 61F4446143D; Tue, 7 Apr 2020 16:23:08 +0200 (CEST) From: Max Kellermann To: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, trond.myklebust@hammerspace.com Cc: bfields@redhat.com, tytso@mit.edu, viro@zeniv.linux.org.uk, agruenba@redhat.com, linux-kernel@vger.kernel.org, Max Kellermann , Jan Kara , stable@vger.kernel.org Subject: [PATCH v3 3/4] linux/fs.h: fix umask on NFS with CONFIG_FS_POSIX_ACL=n Date: Tue, 7 Apr 2020 16:22:42 +0200 Message-Id: <20200407142243.2032-3-mk@cm4all.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200407142243.2032-1-mk@cm4all.com> References: <20200407142243.2032-1-mk@cm4all.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org Make IS_POSIXACL() return false if POSIX ACL support is disabled and ignore SB_POSIXACL/MS_POSIXACL. Never skip applying the umask in namei.c and never bother to do any ACL specific checks if the filesystem falsely indicates it has ACLs enabled when the feature is completely disabled in the kernel. This fixes a problem where the umask is always ignored in the NFS client when compiled without CONFIG_FS_POSIX_ACL. This is a 4 year old regression caused by commit 013cdf1088d723 which itself was not completely wrong, but failed to consider all the side effects by misdesigned VFS code. Prior to that commit, there were two places where the umask could be applied, for example when creating a directory: 1. in the VFS layer in SYSCALL_DEFINE3(mkdirat), but only if !IS_POSIXACL() 2. again (unconditionally) in nfs3_proc_mkdir() The first one does not apply, because even without CONFIG_FS_POSIX_ACL, the NFS client sets MS_POSIXACL in nfs_fill_super(). After that commit, (2.) was replaced by: 2b. in posix_acl_create(), called by nfs3_proc_mkdir() There's one branch in posix_acl_create() which applies the umask; however, without CONFIG_FS_POSIX_ACL, posix_acl_create() is an empty dummy function which does not apply the umask. The approach chosen by this patch is to make IS_POSIXACL() always return false when POSIX ACL support is disabled, so the umask always gets applied by the VFS layer. This is consistent with the (regular) behavior of posix_acl_create(): that function returns early if IS_POSIXACL() is false, before applying the umask. Therefore, posix_acl_create() is responsible for applying the umask if there is ACL support enabled in the file system (SB_POSIXACL), and the VFS layer is responsible for all other cases (no SB_POSIXACL or no CONFIG_FS_POSIX_ACL). Signed-off-by: Max Kellermann Reviewed-by: J. Bruce Fields Reviewed-by: Jan Kara Cc: stable@vger.kernel.org --- include/linux/fs.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/linux/fs.h b/include/linux/fs.h index abedbffe2c9e..5721be1146b1 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2027,7 +2027,12 @@ static inline bool sb_rdonly(const struct super_block *sb) { return sb->s_flags #define IS_NOQUOTA(inode) ((inode)->i_flags & S_NOQUOTA) #define IS_APPEND(inode) ((inode)->i_flags & S_APPEND) #define IS_IMMUTABLE(inode) ((inode)->i_flags & S_IMMUTABLE) + +#ifdef CONFIG_FS_POSIX_ACL #define IS_POSIXACL(inode) __IS_FLG(inode, SB_POSIXACL) +#else +#define IS_POSIXACL(inode) 0 +#endif #define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD) #define IS_NOCMTIME(inode) ((inode)->i_flags & S_NOCMTIME) -- 2.20.1