lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200417075002.GB598@infradead.org>
Date:   Fri, 17 Apr 2020 00:50:02 -0700
From:   Christoph Hellwig <hch@...radead.org>
To:     Max Kellermann <mk@...all.com>
Cc:     linux-fsdevel@...r.kernel.org, linux-nfs@...r.kernel.org,
        trond.myklebust@...merspace.com, bfields@...hat.com, tytso@....edu,
        viro@...iv.linux.org.uk, agruenba@...hat.com,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH v3 2/4] fs/ext4/acl: apply umask if ACL support is
 disabled

This looks correct (modulo some minor coding style derivations),
but I think the better fix is to reuse the poix_acl_create
functionality rather than duplicating it.  Something like this:

diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 8c7bbf3e566d..6cff7cc31866 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -268,33 +268,17 @@ ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type)
 /*
  * Initialize the ACLs of a new inode. Called from ext4_new_inode.
  *
- * dir->i_mutex: down
  * inode->i_mutex: up (access to inode is still exclusive)
  */
 int
-ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir)
+ext4_init_acl(handle_t *handle, struct inode *inode, int type,
+		struct posix_acl *acl)
 {
-	struct posix_acl *default_acl, *acl;
-	int error;
+	int error = 0;
 
-	error = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
-	if (error)
-		return error;
-
-	if (default_acl) {
-		error = __ext4_set_acl(handle, inode, ACL_TYPE_DEFAULT,
-				       default_acl, XATTR_CREATE);
-		posix_acl_release(default_acl);
-	} else {
-		inode->i_default_acl = NULL;
-	}
 	if (acl) {
-		if (!error)
-			error = __ext4_set_acl(handle, inode, ACL_TYPE_ACCESS,
-					       acl, XATTR_CREATE);
+		error = __ext4_set_acl(handle, inode, type, acl, XATTR_CREATE);
 		posix_acl_release(acl);
-	} else {
-		inode->i_acl = NULL;
 	}
 	return error;
 }
diff --git a/fs/ext4/acl.h b/fs/ext4/acl.h
index 9b63f5416a2f..1e2927d14238 100644
--- a/fs/ext4/acl.h
+++ b/fs/ext4/acl.h
@@ -57,15 +57,16 @@ static inline int ext4_acl_count(size_t size)
 /* acl.c */
 struct posix_acl *ext4_get_acl(struct inode *inode, int type);
 int ext4_set_acl(struct inode *inode, struct posix_acl *acl, int type);
-extern int ext4_init_acl(handle_t *, struct inode *, struct inode *);
+int ext4_init_acl(handle_t *handle, struct inode *inode, int type,
+		struct posix_acl *acl);
 
 #else  /* CONFIG_EXT4_FS_POSIX_ACL */
 #include <linux/sched.h>
 #define ext4_get_acl NULL
 #define ext4_set_acl NULL
 
-static inline int
-ext4_init_acl(handle_t *handle, struct inode *inode, struct inode *dir)
+static inline int ext4_init_acl(handle_t *handle, struct inode *inode, int type,
+		struct posix_acl *acl)
 {
 	return 0;
 }
diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
index b420c9dc444d..32b03f6277c1 100644
--- a/fs/ext4/ialloc.c
+++ b/fs/ext4/ialloc.c
@@ -1168,7 +1168,17 @@ struct inode *__ext4_new_inode(handle_t *handle, struct inode *dir,
 	}
 
 	if (!(ei->i_flags & EXT4_EA_INODE_FL)) {
-		err = ext4_init_acl(handle, inode, dir);
+		struct posix_acl *default_acl, *acl;
+
+		cache_no_acl(inode);
+		err = posix_acl_create(dir, &inode->i_mode, &default_acl, &acl);
+		if (err)
+			goto fail_free_drop;
+		err = ext4_init_acl(handle, inode, ACL_TYPE_DEFAULT,
+				default_acl);
+		if (err)
+			goto fail_free_drop;
+		err = ext4_init_acl(handle, inode, ACL_TYPE_ACCESS, acl);
 		if (err)
 			goto fail_free_drop;
 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ