From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 7 Mar 2018 17:21:48 +0000 (-0800)
Subject: 4.4-stable patches
X-Git-Tag: v4.14.25~21
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=72e0449df3740fc850e04d47a877530d90faecc1;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	btrfs-don-t-clear-sgid-when-inheriting-acls.patch
---

diff --git a/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch b/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch
new file mode 100644
index 00000000000..043c522c2f7
--- /dev/null
+++ b/queue-4.4/btrfs-don-t-clear-sgid-when-inheriting-acls.patch
@@ -0,0 +1,62 @@
+From b7f8a09f8097db776b8d160862540e4fc1f51296 Mon Sep 17 00:00:00 2001
+From: Jan Kara <jack@suse.cz>
+Date: Thu, 22 Jun 2017 15:31:07 +0200
+Subject: btrfs: Don't clear SGID when inheriting ACLs
+
+From: Jan Kara <jack@suse.cz>
+
+commit b7f8a09f8097db776b8d160862540e4fc1f51296 upstream.
+
+When new directory 'DIR1' is created in a directory 'DIR0' with SGID bit
+set, DIR1 is expected to have SGID bit set (and owning group equal to
+the owning group of 'DIR0'). However when 'DIR0' also has some default
+ACLs that 'DIR1' inherits, setting these ACLs will result in SGID bit on
+'DIR1' to get cleared if user is not member of the owning group.
+
+Fix the problem by moving posix_acl_update_mode() out of
+__btrfs_set_acl() into btrfs_set_acl(). That way the function will not be
+called when inheriting ACLs which is what we want as it prevents SGID
+bit clearing and the mode has been properly set by posix_acl_create()
+anyway.
+
+Fixes: 073931017b49d9458aa351605b43a7e34598caef
+CC: stable@vger.kernel.org
+CC: linux-btrfs@vger.kernel.org
+CC: David Sterba <dsterba@suse.com>
+Signed-off-by: Jan Kara <jack@suse.cz>
+Signed-off-by: David Sterba <dsterba@suse.com>
+Signed-off-by: Nikolay Borisov <nborisov@suse.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/btrfs/acl.c |   13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+--- a/fs/btrfs/acl.c
++++ b/fs/btrfs/acl.c
+@@ -82,12 +82,6 @@ static int __btrfs_set_acl(struct btrfs_
+ 	switch (type) {
+ 	case ACL_TYPE_ACCESS:
+ 		name = POSIX_ACL_XATTR_ACCESS;
+-		if (acl) {
+-			ret = posix_acl_update_mode(inode, &inode->i_mode, &acl);
+-			if (ret)
+-				return ret;
+-		}
+-		ret = 0;
+ 		break;
+ 	case ACL_TYPE_DEFAULT:
+ 		if (!S_ISDIR(inode->i_mode))
+@@ -123,6 +117,13 @@ out:
+ 
+ int btrfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
+ {
++	int ret;
++
++	if (type == ACL_TYPE_ACCESS && acl) {
++		ret = posix_acl_update_mode(inode, &inode->i_mode, &acl);
++		if (ret)
++			return ret;
++	}
+ 	return __btrfs_set_acl(NULL, inode, acl, type);
+ }
+ 
diff --git a/queue-4.4/series b/queue-4.4/series
index 3e520f37639..beeebc35d1e 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -9,3 +9,4 @@ nospec-allow-index-argument-to-have-const-qualified-type.patch
 arm-mvebu-fix-broken-pl310_errata_753970-selects.patch
 kvm-mmu-fix-overlap-between-public-and-private-memslots.patch
 x86-syscall-sanitize-syscall-table-de-references-under-speculation-fix.patch
+btrfs-don-t-clear-sgid-when-inheriting-acls.patch