Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp958190rdg; Wed, 11 Oct 2023 10:01:46 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGwi+jYDdWu8GzBuQmBWvIh3TwC1oGX+aYxp4DkvhAowrMnaoXPigd0B+IKU08+wO749Yg7 X-Received: by 2002:a05:6358:e48c:b0:143:7cc8:70b1 with SMTP id by12-20020a056358e48c00b001437cc870b1mr16335825rwb.6.1697043705813; Wed, 11 Oct 2023 10:01:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697043705; cv=none; d=google.com; s=arc-20160816; b=T6PBDbKHopRfjgDaUFdWjZsy5F/R9hGArqILUf7tDzwf1FjML4dRJ/Rcn2Nlaqxihp /r69rTHE/YZFvWeYbn2WWVBLI9gOqIlUySb233+eVSuznYtVGtdz+NYpcMNr41DbS+1i nq/4InB7+Oh4FAZTGqj9/jfa3aHwR2NKVIZi9leQAAuWbs0Y+G9//pikAPgszP4EH5C3 nFNRjOz6Dr8QTp4gYhkQhn51Wi0y8OnpGTKuJD2nEeYN2NBD2+v3JuPnlrP6tcjR5K1t 8iBOKlhuM1PHpFw6CPDlUE5RWo5Da6nq8nntbRAQiq34EtrLyahMODJyZlqmuS16aUW3 wAVw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=q/lSedKb7lshx7k2rQEAeRvB6s5o1LR/9RTjMM0Pa84=; fh=bdrQgWHBIRj74ts7ncNZ7/0CejM2TOtP8IMES8vXlH4=; b=uydZH/l8KWB1HmhqLpy6x9IHXVSx3/GZ7fIWHZYjY+i/Ehc4zkhnJrcIJYJvhPyh62 jS14TOdJSiLeukfY35V8Iu5wmnNIsczM8/jGuldDVkkBHjxfVpaurW0cI2UfHXpnSJV3 01tSm4Tl/Dhwbqfwfn9QJAts/XQ5I+/u2HB4l4S2Hj7WdT22ESEU8wgWIuRtHBq5si2Q 8CWKphidwL0DGkOhgnHUrJvyA2CDKLBXZYZM/kCB4koeBOMrNKzLwHAHPHxRl+VM0NrZ zk6Dv9DLs/o3BJATT4juULFu/Y0qDlvYUL34FN0i4ZYzXv/426x6fxVCDaU3CK+gNHov 9uFg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@mit.edu header.s=outgoing header.b="Rc2/C7WG"; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mit.edu Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id y22-20020a637d16000000b00578b952e954si181634pgc.112.2023.10.11.10.01.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Oct 2023 10:01:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@mit.edu header.s=outgoing header.b="Rc2/C7WG"; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mit.edu Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 5DCFC8096BA3; Wed, 11 Oct 2023 10:01:35 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232217AbjJKRB3 (ORCPT + 99 others); Wed, 11 Oct 2023 13:01:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38296 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232796AbjJKRB2 (ORCPT ); Wed, 11 Oct 2023 13:01:28 -0400 Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6E24F8F for ; Wed, 11 Oct 2023 10:01:26 -0700 (PDT) Received: from cwcc.thunk.org (pool-173-48-102-152.bstnma.fios.verizon.net [173.48.102.152]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 39BH0gc9026643 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 11 Oct 2023 13:00:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=outgoing; t=1697043645; bh=q/lSedKb7lshx7k2rQEAeRvB6s5o1LR/9RTjMM0Pa84=; h=Date:From:Subject:Message-ID:MIME-Version:Content-Type; b=Rc2/C7WGlgIGRQErNzCcxSMHogE9oGRHAvNB2j3dbxswtI5n+kyI7gEaZ4G3t2XYD vgniCaTIjxuF5Kn7l7kN/sUqVEHVEphiRz6No2c+NguixtNdFguU5pxTAVFEMmRa7L mozXISoF8mD2gcTwwtoeTz0QTTpMTQy1dztVf/zBgg2ojvpJ30NPfFgfDc6EY8550C Vm6FKhIsyR0nd2gUYgV1vJ/bziErXOw/85jjMF7e91VuNXCjdk66m8RcrcHnr/7iJ4 FcCSVVDBDUK9Hs1TLdx1HefX/oATTG+BHWGjmGUqVFW+iTE4PM8rEmDqGvJMrxTcHh r5JIaMzoS4H6w== Received: by cwcc.thunk.org (Postfix, from userid 15806) id 4C0C715C0255; Wed, 11 Oct 2023 13:00:42 -0400 (EDT) Date: Wed, 11 Oct 2023 13:00:42 -0400 From: "Theodore Ts'o" To: Christian Brauner Cc: Jan Kara , Max Kellermann , Xiubo Li , Ilya Dryomov , Jeff Layton , Jan Kara , Dave Kleikamp , ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-ext4@vger.kernel.org, jfs-discussion@lists.sourceforge.net, Yang Xu , linux-fsdevel@vger.kernel.org Subject: Re: [PATCH v2] fs/{posix_acl,ext2,jfs,ceph}: apply umask if ACL support is disabled Message-ID: <20231011170042.GA267994@mit.edu> References: <20231009144340.418904-1-max.kellermann@ionos.com> <20231010131125.3uyfkqbcetfcqsve@quack3> <20231011100541.sfn3prgtmp7hk2oj@quack3> <20231011120655.ndb7bfasptjym3wl@quack3> <20231011135922.4bij3ittlg4ujkd7@quack3> <20231011-braumeister-anrufen-62127dc64de0@brauner> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231011-braumeister-anrufen-62127dc64de0@brauner> X-Spam-Status: No, score=2.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Wed, 11 Oct 2023 10:01:35 -0700 (PDT) X-Spam-Level: ** On Wed, Oct 11, 2023 at 05:27:37PM +0200, Christian Brauner wrote: > Aside from that, the problem had been that filesystems like nfs v4 > intentionally raised SB_POSIXACL to prevent umask stripping in the VFS. > IOW, for them SB_POSIXACL was equivalent to "don't apply any umask". > > And afaict nfs v4 has it's own thing going on how and where umasks are > applied. However, since we now have the following commit in vfs.misc: > > fs: add a new SB_I_NOUMASK flag To summarize, just to make sure I understand where we're going. Since normally (excepting unusual cases like NFS), it's fine to strip the umask bits twice (once in the VFS, and once in the file system, for those file systems that are doing it), once we have SB_I_NOUMASK and NFS starts using it, then the VFS can just unconditionally strip the umask bits, and then we can gradually clean up the file system umask handling (which would then be harmlessly duplicative). Did I get this right? - Ted