4.4-stable patches

added patches:
	btrfs-don-t-clear-sgid-when-inheriting-acls.patch

diff --git a/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch b/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch
new file mode 100644 (file)
index 0000000..043c522
--- /dev/null
+++ b/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch
@@ -0,0 +1,62 @@
+From b7f8a09f8097db776b8d160862540e4fc1f51296 Mon Sep 17 00:00:00 2001
+From: Jan Kara <jack@suse.cz>
+Date: Thu, 22 Jun 2017 15:31:07 +0200
+Subject: btrfs: Don't clear SGID when inheriting ACLs
+
+From: Jan Kara <jack@suse.cz>
+
+commit b7f8a09f8097db776b8d160862540e4fc1f51296 upstream.
+
+When new directory 'DIR1' is created in a directory 'DIR0' with SGID bit
+set, DIR1 is expected to have SGID bit set (and owning group equal to
+the owning group of 'DIR0'). However when 'DIR0' also has some default
+ACLs that 'DIR1' inherits, setting these ACLs will result in SGID bit on
+'DIR1' to get cleared if user is not member of the owning group.
+
+Fix the problem by moving posix_acl_update_mode() out of
+__btrfs_set_acl() into btrfs_set_acl(). That way the function will not be
+called when inheriting ACLs which is what we want as it prevents SGID
+bit clearing and the mode has been properly set by posix_acl_create()
+anyway.
+
+Fixes: 073931017b49d9458aa351605b43a7e34598caef
+CC: stable@vger.kernel.org
+CC: linux-btrfs@vger.kernel.org
+CC: David Sterba <dsterba@suse.com>
+Signed-off-by: Jan Kara <jack@suse.cz>
+Signed-off-by: David Sterba <dsterba@suse.com>
+Signed-off-by: Nikolay Borisov <nborisov@suse.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/btrfs/acl.c |   13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+--- a/fs/btrfs/acl.c
++++ b/fs/btrfs/acl.c
+@@ -82,12 +82,6 @@ static int __btrfs_set_acl(struct btrfs_
+       switch (type) {
+       case ACL_TYPE_ACCESS:
+               name = POSIX_ACL_XATTR_ACCESS;
+-              if (acl) {
+-                      ret = posix_acl_update_mode(inode, &inode->i_mode, &acl);
+-                      if (ret)
+-                              return ret;
+-              }
+-              ret = 0;
+               break;
+       case ACL_TYPE_DEFAULT:
+               if (!S_ISDIR(inode->i_mode))
+@@ -123,6 +117,13 @@ out:
+ 
+ int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
+ {
++      int ret;
++
++      if (type == ACL_TYPE_ACCESS && acl) {
++              ret = posix_acl_update_mode(inode, &inode->i_mode, &acl);
++              if (ret)
++                      return ret;
++      }
+       return __btrfs_set_acl(NULL, inode, acl, type);
+ }
+ 

diff --git a/queue-4.4/series b/queue-4.4/series
index 3e520f3763936185a300fc0c0617aa8cddccb3ba..beeebc35d1e600c4b07f3f9b12b450f048a197d2 100644 (file)
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -9,3 +9,4 @@ nospec-allow-index-argument-to-have-const-qualified-type.patch
 arm-mvebu-fix-broken-pl310_errata_753970-selects.patch
 kvm-mmu-fix-overlap-between-public-and-private-memslots.patch
 x86-syscall-sanitize-syscall-table-de-references-under-speculation-fix.patch
+btrfs-don-t-clear-sgid-when-inheriting-acls.patch