On Fri, Apr 15, 2022 at 07:02:18PM +0800, Yang Xu wrote: > If underflying filesystem doesn't enable own CONFIG_FS_POSIX_ACL, then > posix_acl_create can't be called. So we will miss umask strip, ie > use ext4 with noacl or disblae CONFIG_EXT4_FS_POSIX_ACL. Hm, maybe: "All creation paths except for O_TMPFILE handle umask in the vfs directly if the filesystem doesn't support or enable POSIX ACLs. If the filesystem does then umask handling is deferred until posix_acl_create(). Because, O_TMPFILE misses umask handling in the vfs it will not honor umask settings. Fix this by adding the missing umask handling." > > Reported-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> > Signed-off-by: Yang Xu <xuyang2018.jy@xxxxxxxxxxx> > --- Acked-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> > fs/namei.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/namei.c b/fs/namei.c > index 3f1829b3ab5b..bbc7c950bbdc 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -3521,6 +3521,8 @@ struct dentry *vfs_tmpfile(struct user_namespace *mnt_userns, > child = d_alloc(dentry, &slash_name); > if (unlikely(!child)) > goto out_err; > + if (!IS_POSIXACL(dir)) > + mode &= ~current_umask(); > error = dir->i_op->tmpfile(mnt_userns, dir, child, mode); > if (error) > goto out_err; > -- > 2.27.0 >
