Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp977053pxb;
        Fri, 15 Apr 2022 17:11:33 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzpTr/53Y0yLQq2qOBsXXmeUiOnlLt9BD8LNU6MTFDEMWgp/rJ4d8I8b7k2u6Ac5hX8J69s
X-Received: by 2002:a05:6a00:894:b0:4fe:25d7:f59e with SMTP id q20-20020a056a00089400b004fe25d7f59emr1330230pfj.58.1650067892807;
        Fri, 15 Apr 2022 17:11:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1650067892; cv=none;
        d=google.com; s=arc-20160816;
        b=M4iC3NGAzZrx70s4quteTUk3uznHql2KDGAdD8IDQTUCimRB0e/7s9JCWsbzkOpQEF
         85RLuNp6cNKzSiLFphKxwdSQZRUr6kJtUQe4pRnxXfDwu8a8uWRq3yy0lgOJft667Quo
         /XCxr9lzphgL5qi34JzZNbA6aSnkLcHo6ypvcHZin7uUfwBX5OwN4VZokvAmGQjwJq7J
         dNkFH7uLRYJc9zwyHgI1msjHhwATFe2MJ0O9FmQFBasWBcJSI4bY8x5MZRnMKeikEl/h
         on101gJPKVG+wnLXoCf0MfUnx+GzfKA97EuC2GbBLcWP0lNyU9rv6EfpY9ee1B9clIqV
         KPlw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=llzSH5ASFiQ8bLulLujkvSmSlIfCCxj9rYkJhLTQ1rQ=;
        b=lP1ll2eFxhop82UjwlytGzlIN6mvNmuqfN3/9QKcdlqg9js27w/DnVnjs5QEX5kfFc
         q2VkUSNEwGQblKcQMjSkwfvuWvpXG+rs3GcttVyT5gdiymr/8jKOhFpgT9H61EImEYIF
         LRNGGTavjmZRNp0IKDRwPHA5kUWAnMYSwaOmExUKHhBMhADk3YaMVEyPCEP2UcYGjqC1
         RC8u2qjYF8Y8CluWr3wswQEHBGREFaktRGok5s7hZQJ2ugMjI038n/Eos79jnoquzA3H
         GM4MoY3VBdre0hKi3vjwA+o9Xf8fkywF3hwi3zRdWoy9LMtGHnuzz2efrzInJMZ/MwnO
         NzIA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=C2sFtsft;
       spf=softfail (google.com: domain of transitioning linux-nfs-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19])
        by mx.google.com with ESMTPS id s27-20020a056a00179b00b004fddde5ff5esi2732672pfg.43.2022.04.15.17.11.32
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 15 Apr 2022 17:11:32 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning linux-nfs-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=C2sFtsft;
       spf=softfail (google.com: domain of transitioning linux-nfs-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id E9F3E4707A;
	Fri, 15 Apr 2022 17:11:27 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1354355AbiDOOUS (ORCPT <rfc822;jx.jiangxin@gmail.com>
        + 99 others); Fri, 15 Apr 2022 10:20:18 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45188 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S238061AbiDOOUR (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Fri, 15 Apr 2022 10:20:17 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9E7CACF486;
        Fri, 15 Apr 2022 07:17:48 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id 55517B82E33;
        Fri, 15 Apr 2022 14:17:47 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0A4C3C385A5;
        Fri, 15 Apr 2022 14:17:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1650032266;
        bh=L1loXxXsShKFYfH6N3c8VKq+/adfk8vKEkNsvVLMshg=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=C2sFtsftOgvF6scuQt+Fpj3FCZP5Bx6m8dXOl0q/5gpDeYcHNlW8s6i55Vhcffh/o
         /CfEyF7fDIUzvyuX4Knp+CPrAr3mAUIWUAcrl26+ZQ9CtscM2df3raGyVxk7BAn1W7
         WVC/ZzKfLzo8OUgAB7RHtJeAnIG9xOqhbixOiY/Fv93VexW7I95nl/s2J6TTtRKjmk
         7CmO8/WN9Lw56YZ+8T7OfW7moLVObtqY87GQaiemdduaU12dF9zq9OR4FggvLtqwoG
         rDgIY70FWfbEbX7sbqnl5nnpt3KnFdXBCkp/1abh8Bu4m8aJqnr6ztZcYBFmpnWYj/
         GRu3mSOAlrkaw==
Date:   Fri, 15 Apr 2022 16:17:41 +0200
From:   Christian Brauner <brauner@kernel.org>
To:     Yang Xu <xuyang2018.jy@fujitsu.com>
Cc:     david@fromorbit.com, djwong@kernel.org,
        linux-fsdevel@vger.kernel.org, ceph-devel@vger.kernel.org,
        linux-nfs@vger.kernel.org, linux-xfs@vger.kernel.org,
        viro@zeniv.linux.org.uk, jlayton@kernel.org
Subject: Re: [PATCH v3 2/7] fs/namei.c: Add missing umask strip in vfs_tmpfile
Message-ID: <20220415141741.q7i7wwcmuzo5dgav@wittgenstein>
References: <1650020543-24908-1-git-send-email-xuyang2018.jy@fujitsu.com>
 <1650020543-24908-2-git-send-email-xuyang2018.jy@fujitsu.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <1650020543-24908-2-git-send-email-xuyang2018.jy@fujitsu.com>
X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

On Fri, Apr 15, 2022 at 07:02:18PM +0800, Yang Xu wrote:
> If underflying filesystem doesn't enable own CONFIG_FS_POSIX_ACL, then
> posix_acl_create can't be called. So we will miss umask strip, ie
> use ext4 with noacl or disblae CONFIG_EXT4_FS_POSIX_ACL.

Hm, maybe:

"All creation paths except for O_TMPFILE handle umask in the vfs
directly if the filesystem doesn't support or enable POSIX ACLs. If the
filesystem does then umask handling is deferred until
posix_acl_create().
Because, O_TMPFILE misses umask handling in the vfs it will not honor
umask settings. Fix this by adding the missing umask handling."

> 
> Reported-by: Christian Brauner (Microsoft) <brauner@kernel.org>
> Signed-off-by: Yang Xu <xuyang2018.jy@fujitsu.com>
> ---

Acked-by: Christian Brauner (Microsoft) <brauner@kernel.org>

>  fs/namei.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index 3f1829b3ab5b..bbc7c950bbdc 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns,
>  	child = d_alloc(dentry, &slash_name);
>  	if (unlikely(!child))
>  		goto out_err;
> +	if (!IS_POSIXACL(dir))
> +		mode &= ~current_umask();
>  	error = dir->i_op->tmpfile(mnt_userns, dir, child, mode);
>  	if (error)
>  		goto out_err;
> -- 
> 2.27.0
>