From patchwork Tue Apr 26 04:19:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 566175 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6816DC433FE for ; Tue, 26 Apr 2022 03:19:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242914AbiDZDWn (ORCPT ); Mon, 25 Apr 2022 23:22:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49432 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232679AbiDZDWj (ORCPT ); Mon, 25 Apr 2022 23:22:39 -0400 Received: from mail1.bemta34.messagelabs.com (mail1.bemta34.messagelabs.com [195.245.231.2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C5C85939B3; Mon, 25 Apr 2022 20:19:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fujitsu.com; s=170520fj; t=1650943171; i=@fujitsu.com; bh=8H4EYBmAmvlD4ppPy7czpIZvvSugYPtrUgavqYgtwHU=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=jkkgporBoA4Ux3kMbPf/FzsmiT8WrCB0YX7xhPQc7iknsE2PlSgsvVQP2aF0gpAKD 3UWrWlrgWNFYIJwKY6YkyzUKoHMkTRIqnxz6NRKJrFCPSP+gg1263kip8ZGSJ+aL4O NAG5f2uqTg6gOs46MLle5kz7JlQHCjIyyqzf0hKJxlIrO5fYQoIQ2RHv8uckZBzk+l OQkU4kspTCDxcIwPAg4bufkOsk8g0O77U9pFl40GKG7dK1VDFjboU2fOwUJBWW46g3 dkFj+xCAo++ud2H3ob+GwzQfJpxtOrFeO6Zij5AwaPU+dMrQPCyb+q+k9c5//+qBZG Kg0YmpP1r1BPw== X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmplleJIrShJLcpLzFFi42Kxs+FI1D2Ykp5 k0LtD1OL14U+MFh9uTmKy2HLsHqPF5Sd8Fj+XrWK32LP3JIvFgo2PGC3O/z3OavH7xxw2B06P U4skPDav0PLYtKqTzePzJjmPTU/eMgWwRrFm5iXlVySwZszd+5a5YBNnxYYJu9gbGDs4uhi5O IQEtjBKdK3/wQThLGCSWPx2FxuEs4dRYlrfKpYuRk4ONgFNiWedC5hBbBEBR4kX7TNYQIqYBc 4ySnTMWMQOkhAWcJLYfPsFWAOLgKrEhtkLmEBsXgEPiZ5Ta8FqJAQUJKY8fA82iFPAU+LX8XY 2EFsIqGbF0lmMEPWCEidnPgGbwywgIXHwxQtmiF5FiUsd3xgh7AqJWbPamCBsNYmr5zYxT2AU nIWkfRaS9gWMTKsYrZOKMtMzSnITM3N0DQ0MdA0NTXWNLXWNDAz0Eqt0E/VSS3XLU4tLdI30E suL9VKLi/WKK3OTc1L08lJLNjECYyelWP3EDsanK3/qHWKU5GBSEuXdkpSeJMSXlJ9SmZFYnB FfVJqTWnyIUYaDQ0mClxUkJ1iUmp5akZaZA4xjmLQEB4+SCG8ZSJq3uCAxtzgzHSJ1ilFRSpz XBRj9QgIgiYzSPLg2WOq4xCgrJczLyMDAIMRTkFqUm1mCKv+KUZyDUUmYlwNkCk9mXgnc9FdA i5mAFn+qTQVZXJKIkJJqYNowc+8M34V6f39enJ/y9hTnnqfGF6eGKEhUdp7sP3E6Yd83H7Gzq hN2LPG3q153aKaxruy7nz+XqYTycwUfzSzgqLBpr2qxWsCb8XWOVyqb4AGlY8FRmediJe2r50 ++UR9qE7pxnrrbgkePJlno8HFMeCt74FSS3aNqkcDqV9OueXxWvZe+l0HwwV273IjdohlPvn3 f+NNA4uJa2bB3U8/K/WvfLt1x+9GhUr+Tv/ff2sGz4FGBErN8dPHGp+kndrjeunTk3M49P6Qv TXJjFhJkrsqwvz9POJH59ledbP1IFpb4cDv5Bi7jgJ3JG//0nU6YemXvgm+uzk8Dr+2/m8y34 SKX7v99Jozbz29Y2rtCiaU4I9FQi7moOBEA7/479JgDAAA= X-Env-Sender: xuyang2018.jy@fujitsu.com X-Msg-Ref: server-5.tower-565.messagelabs.com!1650943169!150990!1 X-Originating-IP: [62.60.8.97] X-SYMC-ESS-Client-Auth: outbound-route-from=pass X-StarScan-Received: X-StarScan-Version: 9.85.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16073 invoked from network); 26 Apr 2022 03:19:29 -0000 Received: from unknown (HELO n03ukasimr01.n03.fujitsu.local) (62.60.8.97) by server-5.tower-565.messagelabs.com with ECDHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 26 Apr 2022 03:19:29 -0000 Received: from n03ukasimr01.n03.fujitsu.local (localhost [127.0.0.1]) by n03ukasimr01.n03.fujitsu.local (Postfix) with ESMTP id C0BC3100191; Tue, 26 Apr 2022 04:19:28 +0100 (BST) Received: from R01UKEXCASM126.r01.fujitsu.local (unknown [10.183.43.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by n03ukasimr01.n03.fujitsu.local (Postfix) with ESMTPS id 985FA10004D; Tue, 26 Apr 2022 04:19:28 +0100 (BST) Received: from localhost.localdomain (10.167.220.84) by R01UKEXCASM126.r01.fujitsu.local (10.183.43.178) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Tue, 26 Apr 2022 04:19:00 +0100 From: Yang Xu To: , CC: , , , , , , Yang Xu , Subject: [PATCH v7 2/4] fs: Add missing umask strip in vfs_tmpfile Date: Tue, 26 Apr 2022 12:19:50 +0800 Message-ID: <1650946792-9545-2-git-send-email-xuyang2018.jy@fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1650946792-9545-1-git-send-email-xuyang2018.jy@fujitsu.com> References: <1650946792-9545-1-git-send-email-xuyang2018.jy@fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-ClientProxiedBy: G08CNEXCHPEKD07.g08.fujitsu.local (10.167.33.80) To R01UKEXCASM126.r01.fujitsu.local (10.183.43.178) X-Virus-Scanned: ClamAV using ClamSMTP Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org All creation paths except for O_TMPFILE handle umask in the vfs directly if the filesystem doesn't support or enable POSIX ACLs. If the filesystem does then umask handling is deferred until posix_acl_create(). Because, O_TMPFILE misses umask handling in the vfs it will not honor umask settings. Fix this by adding the missing umask handling. Fixes: 60545d0d4610 ("[O_TMPFILE] it's still short a few helpers, but infrastructure should be OK now...") Cc: # 4.19+ Reported-by: Christian Brauner (Microsoft) Acked-by: Christian Brauner (Microsoft) Reviewed-by: Darrick J. Wong Signed-off-by: Yang Xu --- fs/namei.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/namei.c b/fs/namei.c index 509657fdf4f5..73646e28fae0 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns, child = d_alloc(dentry, &slash_name); if (unlikely(!child)) goto out_err; + if (!IS_POSIXACL(dir)) + mode &= ~current_umask(); error = dir->i_op->tmpfile(mnt_userns, dir, child, mode); if (error) goto out_err; From patchwork Tue Apr 26 04:19:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yang Xu X-Patchwork-Id: 566174 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF827C433F5 for ; Tue, 26 Apr 2022 03:19:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242984AbiDZDWy (ORCPT ); Mon, 25 Apr 2022 23:22:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49888 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240250AbiDZDWr (ORCPT ); Mon, 25 Apr 2022 23:22:47 -0400 Received: from mail1.bemta36.messagelabs.com (mail1.bemta36.messagelabs.com [85.158.142.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F8EC939BC; Mon, 25 Apr 2022 20:19:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fujitsu.com; s=170520fj; t=1650943179; i=@fujitsu.com; bh=c5FCpwWbwNZnqJjma6yo9VosB0Dzi2MqAMD84YLxtik=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=fUXBqVyEvw/5IispoMnJ1mjZEEqWRIQQeu7OyjUoadguRMM1XKYIRmfXke8qkFPiy btgwT+2QHUwHziBNmlE1NN6nj3EnSNUEEvxwcsuqzeG7dQLzzCYb7l4cDIi+CQP/fg 7A8mO+AvD6SJ+R/WcUNj0bDcTbNrFop9A4ZUE15tYc4ubDJ0AYJUCJJGwaps51WAR/ x6DphjzhiCoayBaKBSVXz3oXBXzxIiIZ0toQFkkZFhwq4YoTorqFzegpIyYcVcsbF9 2noE9aIocBUHl+kopsFr04oKGAYecEwBWMgk0JE78v1yhjYx5NGOM7kwTC6W5yItso gstZTnoOPPfsQ== X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrGIsWRWlGSWpSXmKPExsViZ8MxRfdUSnq SQcNDDovXhz8xWny4OYnJYsuxe4wWl5/wWfxctordYs/ekywW5/8eZ7X4/WMOmwOHx6lFEh6b V2h5bFrVyebxeZOcx6Ynb5kCWKNYM/OS8isSWDN6FixmK9jKXrFnfStrA+Myti5GLg4hgdeME ptu3WeBcPYwSnz6spW5i5GTg01AU+JZ5wIwW0TAUeJF+wywImaBQ4wS9w91gSWEBcIlZnavYQ KxWQRUJdbc6QGzeQU8JLZ962cHsSUEFCSmPHwPVs8p4Cnx63g7G4gtBFSzYuksRoh6QYmTM5+ wgNjMAhISB1+8YIboVZS41PGNEcKukJg1q41pAiP/LCQts5C0LGBkWsVol1SUmZ5RkpuYmaNr aGCga2hoqmtmqWtoaaqXWKWbqJdaqpucmldSlAiU1kssL9ZLLS7WK67MTc5J0ctLLdnECIyCl GLXwzsYd/f91DvEKMnBpCTKuyUpPUmILyk/pTIjsTgjvqg0J7X4EKMMB4eSBC8rSE6wKDU9tS ItMwcYkTBpCQ4eJRHeMpA0b3FBYm5xZjpE6hSjLsfT5yf2Mgux5OXnpUqJ87oA41tIAKQoozQ PbgQsOVxilJUS5mVkYGAQ4ilILcrNLEGVf8UozsGoJAwxhSczrwRu0yugI5iAjvhUmwpyREki QkqqgUnZWPOn2/mKRy3mueeSnrRqs5oIz7/APp3DdMVuIZsv5rsi5K5cqdjGf3yHQfL5be8rn xxJc/TrCRGYUPwgu1b72a4TBhE340UqAjhPuzgXHXhUu623fkHQkbv2Tx6ztF4XYjiVOqPO3o WZ76bt0vsq+X3igS0NXJv4jv1YfHND9/xyRZ+H1renxsb7TeRWnfXy6qsPIbFHKtNXpIQz8tx heZI9JyV5/WHpSQrSH8vZpx56GXF8mnek0LWyWZf8Xu+5+Pbhjp8blk9Vvvow2bZsh79G7JUM L51JPzf0nXE9mblA26qocMb2Rc4LHvgvniB3sCBFiPN9zqPughjhMz57n/RelRFPefc2l9Fc0 ESJpTgj0VCLuag4EQCCJj5IiQMAAA== X-Env-Sender: xuyang2018.jy@fujitsu.com X-Msg-Ref: server-20.tower-532.messagelabs.com!1650943177!213272!1 X-Originating-IP: [62.60.8.148] X-SYMC-ESS-Client-Auth: outbound-route-from=pass X-StarScan-Received: X-StarScan-Version: 9.85.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4507 invoked from network); 26 Apr 2022 03:19:38 -0000 Received: from unknown (HELO mailhost1.uk.fujitsu.com) (62.60.8.148) by server-20.tower-532.messagelabs.com with ECDHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 26 Apr 2022 03:19:38 -0000 Received: from R01UKEXCASM126.r01.fujitsu.local ([10.183.43.178]) by mailhost1.uk.fujitsu.com (8.14.5/8.14.5) with ESMTP id 23Q3Jb7O022457 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 26 Apr 2022 04:19:37 +0100 Received: from localhost.localdomain (10.167.220.84) by R01UKEXCASM126.r01.fujitsu.local (10.183.43.178) with Microsoft SMTP Server (TLS) id 15.0.1497.32; Tue, 26 Apr 2022 04:19:33 +0100 From: Yang Xu To: , CC: , , , , , , Yang Xu Subject: [PATCH v7 4/4] ceph: Remove S_ISGID stripping code in ceph_finish_async_create Date: Tue, 26 Apr 2022 12:19:52 +0800 Message-ID: <1650946792-9545-4-git-send-email-xuyang2018.jy@fujitsu.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1650946792-9545-1-git-send-email-xuyang2018.jy@fujitsu.com> References: <1650946792-9545-1-git-send-email-xuyang2018.jy@fujitsu.com> MIME-Version: 1.0 X-Originating-IP: [10.167.220.84] X-ClientProxiedBy: G08CNEXCHPEKD07.g08.fujitsu.local (10.167.33.80) To R01UKEXCASM126.r01.fujitsu.local (10.183.43.178) Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org Previous patches moved sgid stripping exclusively into the vfs. So manual sgid stripping by the filesystem isn't needed anymore. Reviewed-by: Xiubo Li Reviewed-by: Christian Brauner (Microsoft) Signed-off-by: Yang Xu --- fs/ceph/file.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index 6c9e837aa1d3..8e3b99853333 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -651,10 +651,6 @@ static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry, /* Directories always inherit the setgid bit. */ if (S_ISDIR(mode)) mode |= S_ISGID; - else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) && - !in_group_p(dir->i_gid) && - !capable_wrt_inode_uidgid(&init_user_ns, dir, CAP_FSETID)) - mode &= ~S_ISGID; } else { in.gid = cpu_to_le32(from_kgid(&init_user_ns, current_fsgid())); }