lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2ed5afa7-7ca7-87d2-ea84-5e80485bae97@redhat.com> Date: Thu, 21 Sep 2023 08:51:41 +0800 From: Xiubo Li <xiubli@...hat.com> To: Max Kellermann <max.kellermann@...os.com>, Ilya Dryomov <idryomov@...il.com>, Jeff Layton <jlayton@...nel.org>, Jan Kara <jack@...e.com>, Dave Kleikamp <shaggy@...nel.org> Cc: ceph-devel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-ext4@...r.kernel.org, jfs-discussion@...ts.sourceforge.net Subject: Re: [PATCH] fs: apply umask if POSIX ACL support is disabled On 9/19/23 16:18, Max Kellermann wrote: > Signed-off-by: Max Kellermann <max.kellermann@...os.com> > --- > fs/ceph/super.h | 1 + > fs/ext2/acl.h | 1 + > fs/jfs/jfs_acl.h | 1 + > include/linux/posix_acl.h | 1 + > 4 files changed, 4 insertions(+) > > diff --git a/fs/ceph/super.h b/fs/ceph/super.h > index 51c7f2b14f6f..e7e2f264acf4 100644 > --- a/fs/ceph/super.h > +++ b/fs/ceph/super.h > @@ -1194,6 +1194,7 @@ static inline void ceph_forget_all_cached_acls(struct inode *inode) > static inline int ceph_pre_init_acls(struct inode *dir, umode_t *mode, > struct ceph_acl_sec_ctx *as_ctx) > { > + *mode &= ~current_umask(); > return 0; > } This LGTM. Shouldn't we also do this in 'ceph_pre_init_acls()' when we couldn't get 'acl' from 'posix_acl_create()' ? Thanks! - Xiubo > static inline void ceph_init_inode_acls(struct inode *inode, > diff --git a/fs/ext2/acl.h b/fs/ext2/acl.h > index 4a8443a2b8ec..694af789c614 100644 > --- a/fs/ext2/acl.h > +++ b/fs/ext2/acl.h > @@ -67,6 +67,7 @@ extern int ext2_init_acl (struct inode *, struct inode *); > > static inline int ext2_init_acl (struct inode *inode, struct inode *dir) > { > + inode->i_mode &= ~current_umask(); > return 0; > } > #endif > diff --git a/fs/jfs/jfs_acl.h b/fs/jfs/jfs_acl.h > index f892e54d0fcd..10791e97a46f 100644 > --- a/fs/jfs/jfs_acl.h > +++ b/fs/jfs/jfs_acl.h > @@ -17,6 +17,7 @@ int jfs_init_acl(tid_t, struct inode *, struct inode *); > static inline int jfs_init_acl(tid_t tid, struct inode *inode, > struct inode *dir) > { > + inode->i_mode &= ~current_umask(); > return 0; > } > > diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h > index 0e65b3d634d9..54bc9b1061ca 100644 > --- a/include/linux/posix_acl.h > +++ b/include/linux/posix_acl.h > @@ -128,6 +128,7 @@ static inline void cache_no_acl(struct inode *inode) > static inline int posix_acl_create(struct inode *inode, umode_t *mode, > struct posix_acl **default_acl, struct posix_acl **acl) > { > + *mode &= ~current_umask(); > *default_acl = *acl = NULL; > return 0; > }
Powered by blists - more mailing lists