parent
1e3e001c12
commit
0c35cc337b
|
@ -5,6 +5,7 @@ linux (4.19.118-3) UNRELEASED; urgency=medium
|
|||
* [rt] Add new signing key for Tom Zanussi
|
||||
* apparmor: don't try to replace stale label in ptraceme check
|
||||
(Closes: #963493)
|
||||
* nfsd: apply umask on fs without ACL support (Closes: #962254)
|
||||
|
||||
-- Salvatore Bonaccorso <carnil@debian.org> Wed, 13 May 2020 17:44:43 +0200
|
||||
|
||||
|
|
|
@ -0,0 +1,56 @@
|
|||
From: "J. Bruce Fields" <bfields@redhat.com>
|
||||
Date: Tue, 16 Jun 2020 16:43:18 -0400
|
||||
Subject: nfsd: apply umask on fs without ACL support
|
||||
Origin: http://git.linux-nfs.org/?p=bfields/linux.git;a=commit;h=22cf8419f1319ff87ec759d0ebdff4cbafaee832
|
||||
Bug-Debian: https://bugs.debian.org/962254
|
||||
|
||||
The server is failing to apply the umask when creating new objects on
|
||||
filesystems without ACL support.
|
||||
|
||||
To reproduce this, you need to use NFSv4.2 and a client and server
|
||||
recent enough to support umask, and you need to export a filesystem that
|
||||
lacks ACL support (for example, ext4 with the "noacl" mount option).
|
||||
|
||||
Filesystems with ACL support are expected to take care of the umask
|
||||
themselves (usually by calling posix_acl_create).
|
||||
|
||||
For filesystems without ACL support, this is up to the caller of
|
||||
vfs_create(), vfs_mknod(), or vfs_mkdir().
|
||||
|
||||
Reported-by: Elliott Mitchell <ehem+debian@m5p.com>
|
||||
Reported-by: Salvatore Bonaccorso <carnil@debian.org>
|
||||
Tested-by: Salvatore Bonaccorso <carnil@debian.org>
|
||||
Fixes: 47057abde515 ("nfsd: add support for the umask attribute")
|
||||
Cc: stable@vger.kernel.org
|
||||
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
||||
---
|
||||
fs/nfsd/vfs.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
|
||||
index c3fbab1753ec..d22a056da477 100644
|
||||
--- a/fs/nfsd/vfs.c
|
||||
+++ b/fs/nfsd/vfs.c
|
||||
@@ -1226,6 +1226,9 @@ nfsd_create_locked(struct svc_rqst *rqstp, struct svc_fh *fhp,
|
||||
iap->ia_mode = 0;
|
||||
iap->ia_mode = (iap->ia_mode & S_IALLUGO) | type;
|
||||
|
||||
+ if (!IS_POSIXACL(dirp))
|
||||
+ iap->ia_mode &= ~current_umask();
|
||||
+
|
||||
err = 0;
|
||||
host_err = 0;
|
||||
switch (type) {
|
||||
@@ -1458,6 +1461,9 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp,
|
||||
goto out;
|
||||
}
|
||||
|
||||
+ if (!IS_POSIXACL(dirp))
|
||||
+ iap->ia_mode &= ~current_umask();
|
||||
+
|
||||
host_err = vfs_create(dirp, dchild, iap->ia_mode, true);
|
||||
if (host_err < 0) {
|
||||
fh_drop_write(fhp);
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -103,6 +103,7 @@ bugfix/all/rtc-s35390a-set-uie_unsupported.patch
|
|||
bugfix/all/include-uapi-linux-swab.h-fix-userspace-breakage-use.patch
|
||||
bugfix/all/ALSA-pcm-oss-Place-the-plugin-buffer-overflow-checks.patch
|
||||
bugfix/all/apparmor-don-t-try-to-replace-stale-label-in-ptracem.patch
|
||||
bugfix/all/nfsd-apply-umask-on-fs-without-ACL-support.patch
|
||||
|
||||
# Miscellaneous features
|
||||
|
||||
|
|
Loading…
Reference in New Issue