fuse2fs: fix in_file_group missing the primary process gid

I forgot that Unix processes have both a primary group id and a list of
supplementary group ids.  The primary is provided by the fuse client;
the supplemental groups are noted by the Groups: field of
/proc/self/status.

If a process does not have /any/ supplemental group ids, then
in_file_group returns the wrong answer if the inode gid matches the
group id provided by the fuse client because it doesn't check that
anymore.  Make it so the primary group id check always happens.

Found by generic/375.

Cc: <linux-ext4@vger.kernel.org> # v1.47.3
Fixes: 3469e6ff606af8 ("fuse2fs: fix group membership checking in op_chmod")
Signed-off-by: "Darrick J. Wong" <djwong@kernel.org>

diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index 0ecdd4f9e93225f077335fae1ab5a3a2f783736b..b8db298cde202f09d97b88813de526638e5f9519 100644 (file)
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -2303,10 +2303,14 @@ static int in_file_group(struct fuse_context *ctxt,
        gid_t gid = inode_gid(*inode);
        int ret;
 
+       /* If the inode gid matches the process' primary group, we're done. */
+       if (ctxt->gid == gid)
+               return 1;
+
        ret = get_req_groups(ff, &gids, &nr_gids);
        if (ret == -ENOENT) {
                /* magic return code for "could not get caller group info" */
-               return ctxt->gid == inode_gid(*inode);
+               return 0;
        }
        if (ret < 0)
                return ret;