From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bob Peterson <rpeterso@redhat.com>
Date: Thu, 31 Aug 2017 09:12:07 -0400 (EDT)
Subject: [Cluster-devel] [PATCH v2 2/2] gfs2: preserve i_mode if
	__gfs2_set_acl() fails
In-Reply-To: <20170831063333.GA7274@debian.home>
References: <ec99119d7fbbeffbaa857436ddb594cacca93e35.1503811285.git.ernesto.mnd.fernandez@gmail.com>
	<b296381ebdcad387f10354fbc7bf85bf05c6b4a9.1503811285.git.ernesto.mnd.fernandez@gmail.com>
	<1147609228.3543995.1504097026773.JavaMail.zimbra@redhat.com>
	<20170831063333.GA7274@debian.home>
Message-ID: <1998936240.4008871.1504185127694.JavaMail.zimbra@redhat.com>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

----- Original Message -----
| When changing a file's acl mask, __gfs2_set_acl() will first set the
| group bits of i_mode to the value of the mask, and only then set the
| actual extended attribute representing the new acl.
| 
| If the second part fails (due to lack of space, for example) and the
| file had no acl attribute to begin with, the system will from now on
| assume that the mask permission bits are actual group permission bits,
| potentially granting access to the wrong users.
| 
| Prevent this by only changing the inode mode after the acl has been set.
| 
| Signed-off-by: Ernesto A. Fern?ndez <ernesto.mnd.fernandez@gmail.com>
| ---
Hi,

Thanks. This is now pushed to the for-next branch of the linux-gfs2 tree:
https://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2.git/commit/fs/gfs2?h=for-next&id=309e8cda596f6552a32dd14b969ce9b17f837f2f

Regards,

Bob Peterson
Red Hat File Systems