Unverified Commit 5aa8fd9c authored by Jeff Layton's avatar Jeff Layton Committed by Christian Brauner
Browse files

fs: add a new SB_I_NOUMASK flag 



SB_POSIXACL must be set when a filesystem supports POSIX ACLs, but NFSv4
also sets this flag to prevent the VFS from applying the umask on
newly-created files. NFSv4 doesn't support POSIX ACLs however, which
causes confusion when other subsystems try to test for them.

Add a new SB_I_NOUMASK flag that allows filesystems to opt-in to umask
stripping without advertising support for POSIX ACLs. Set the new flag
on NFSv4 instead of SB_POSIXACL.

Also, move mode_strip_umask to namei.h and convert init_mknod and
init_mkdir to use it.

Signed-off-by: default avatarJeff Layton <jlayton@kernel.org>
Message-Id: <20230911-acl-fix-v3-1-b25315333f6c@kernel.org>
Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
parent 84d2b696

fs/init.c

+2 −4
Original line number Diff line number Diff line
@@ -153,8 +153,7 @@ int __init init_mknod(const char *filename, umode_t mode, unsigned int dev) 
	if (IS_ERR(dentry))

		return PTR_ERR(dentry);



	if (!IS_POSIXACL(path.dentry->d_inode))

		mode &= ~current_umask();

	mode = mode_strip_umask(d_inode(path.dentry), mode);

	error = security_path_mknod(&path, dentry, mode, dev);

	if (!error)

		error = vfs_mknod(mnt_idmap(path.mnt), path.dentry->d_inode,
@@ -229,8 +228,7 @@ int __init init_mkdir(const char *pathname, umode_t mode) 
	dentry = kern_path_create(AT_FDCWD, pathname, &path, LOOKUP_DIRECTORY);

	if (IS_ERR(dentry))

		return PTR_ERR(dentry);

	if (!IS_POSIXACL(path.dentry->d_inode))

		mode &= ~current_umask();

	mode = mode_strip_umask(d_inode(path.dentry), mode);

	error = security_path_mkdir(&path, dentry, mode);

	if (!error)

		error = vfs_mkdir(mnt_idmap(path.mnt), path.dentry->d_inode,

fs/namei.c

+0 −19
Original line number Diff line number Diff line
@@ -3103,25 +3103,6 @@ void unlock_rename(struct dentry *p1, struct dentry *p2) 
}

EXPORT_SYMBOL(unlock_rename);



/**

 * mode_strip_umask - handle vfs umask stripping

 * @dir:	parent directory of the new inode

 * @mode:	mode of the new inode to be created in @dir

 *

 * Umask stripping depends on whether or not the filesystem supports POSIX

 * ACLs. If the filesystem doesn't support it umask stripping is done directly

 * in here. If the filesystem does support POSIX ACLs umask stripping is

 * deferred until the filesystem calls posix_acl_create().

 *

 * Returns: mode

 */

static inline umode_t mode_strip_umask(const struct inode *dir, umode_t mode)

{

	if (!IS_POSIXACL(dir))

		mode &= ~current_umask();

	return mode;

}



/**

 * vfs_prepare_mode - prepare the mode to be used for a new inode

 * @idmap:	idmap of the mount the inode was found from

fs/nfs/super.c

+1 −1
Original line number Diff line number Diff line
@@ -1071,7 +1071,7 @@ static void nfs_fill_super(struct super_block *sb, struct nfs_fs_context *ctx) 
		sb->s_export_op = &nfs_export_ops;

		break;

	case 4:

		sb->s_flags |= SB_POSIXACL;

		sb->s_iflags |= SB_I_NOUMASK;

		sb->s_time_gran = 1;

		sb->s_time_min = S64_MIN;

		sb->s_time_max = S64_MAX;

include/linux/fs.h

+2 −1
Original line number Diff line number Diff line
@@ -1119,7 +1119,7 @@ extern int send_sigurg(struct fown_struct *fown); 
#define SB_NOATIME      BIT(10)	/* Do not update access times. */

#define SB_NODIRATIME   BIT(11)	/* Do not update directory access times */

#define SB_SILENT       BIT(15)

#define SB_POSIXACL     BIT(16)	/* VFS does not apply the umask */

#define SB_POSIXACL     BIT(16)	/* Supports POSIX ACLs */

#define SB_INLINECRYPT  BIT(17)	/* Use blk-crypto for encrypted files */

#define SB_KERNMOUNT    BIT(22)	/* this is a kern_mount call */

#define SB_I_VERSION    BIT(23)	/* Update inode I_version field */
@@ -1166,6 +1166,7 @@ extern int send_sigurg(struct fown_struct *fown); 
#define SB_I_PERSB_BDI	0x00000200	/* has a per-sb bdi */

#define SB_I_TS_EXPIRY_WARNED 0x00000400 /* warned about timestamp range expiry */

#define SB_I_RETIRED	0x00000800	/* superblock shouldn't be reused */

#define SB_I_NOUMASK	0x00001000	/* VFS does not apply umask */



/* Possible states of 'frozen' field */

enum {

include/linux/namei.h

+24 −0
Original line number Diff line number Diff line
@@ -92,6 +92,30 @@ extern struct dentry *lock_rename(struct dentry *, struct dentry *); 
extern struct dentry *lock_rename_child(struct dentry *, struct dentry *);

extern void unlock_rename(struct dentry *, struct dentry *);



/**

 * mode_strip_umask - handle vfs umask stripping

 * @dir:	parent directory of the new inode

 * @mode:	mode of the new inode to be created in @dir

 *

 * In most filesystems, umask stripping depends on whether or not the

 * filesystem supports POSIX ACLs. If the filesystem doesn't support it umask

 * stripping is done directly in here. If the filesystem does support POSIX

 * ACLs umask stripping is deferred until the filesystem calls

 * posix_acl_create().

 *

 * Some filesystems (like NFSv4) also want to avoid umask stripping by the

 * VFS, but don't support POSIX ACLs. Those filesystems can set SB_I_NOUMASK

 * to get this effect without declaring that they support POSIX ACLs.

 *

 * Returns: mode

 */

static inline umode_t __must_check mode_strip_umask(const struct inode *dir, umode_t mode)

{

	if (!IS_POSIXACL(dir) && !(dir->i_sb->s_iflags & SB_I_NOUMASK))

		mode &= ~current_umask();

	return mode;

}



extern int __must_check nd_jump_link(const struct path *path);



static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)