From a378b608c37fec2b90c8373ec612aac279d94d0b Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Fri, 9 Mar 2018 16:13:21 -0800 Subject: [PATCH] 4.4-stable patches added patches: btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch --- ...erve-i_mode-if-__btrfs_set_acl-fails.patch | 57 +++++++++++++++++++ queue-4.4/series | 1 + 2 files changed, 58 insertions(+) create mode 100644 queue-4.4/btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch diff --git a/queue-4.4/btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch b/queue-4.4/btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch new file mode 100644 index 00000000000..28c3253070a --- /dev/null +++ b/queue-4.4/btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch @@ -0,0 +1,57 @@ +From d7d824966530acfe32b94d1ed672e6fe1638cd68 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ernesto=20A=2E=20Fern=C3=A1ndez?= + +Date: Wed, 2 Aug 2017 03:18:27 -0300 +Subject: btrfs: preserve i_mode if __btrfs_set_acl() fails +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Ernesto A. Fernández + +commit d7d824966530acfe32b94d1ed672e6fe1638cd68 upstream. + +When changing a file's acl mask, btrfs_set_acl() will first set the +group bits of i_mode to the value of the mask, and only then set the +actual extended attribute representing the new acl. + +If the second part fails (due to lack of space, for example) and the +file had no acl attribute to begin with, the system will from now on +assume that the mask permission bits are actual group permission bits, +potentially granting access to the wrong users. + +Prevent this by restoring the original mode bits if __btrfs_set_acl +fails. + +Signed-off-by: Ernesto A. Fernández +Reviewed-by: David Sterba +Signed-off-by: David Sterba +Signed-off-by: Nikolay Borisov +Signed-off-by: Greg Kroah-Hartman + + +--- + fs/btrfs/acl.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/fs/btrfs/acl.c ++++ b/fs/btrfs/acl.c +@@ -118,13 +118,17 @@ out: + int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) + { + int ret; ++ umode_t old_mode = inode->i_mode; + + if (type == ACL_TYPE_ACCESS && acl) { + ret = posix_acl_update_mode(inode, &inode->i_mode, &acl); + if (ret) + return ret; + } +- return __btrfs_set_acl(NULL, inode, acl, type); ++ ret = __btrfs_set_acl(NULL, inode, acl, type); ++ if (ret) ++ inode->i_mode = old_mode; ++ return ret; + } + + /* diff --git a/queue-4.4/series b/queue-4.4/series index 9bc204e3e60..850d4b2de54 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -33,3 +33,4 @@ net-mpls-pull-common-label-check-into-helper.patch mpls-nospec-sanitize-array-index-in-mpls_label_ok.patch dm-io-fix-duplicate-bio-completion-due-to-missing-ref-count.patch bpf-x64-implement-retpoline-for-tail-call.patch +btrfs-preserve-i_mode-if-__btrfs_set_acl-fails.patch -- 2.47.3