* [PATCH] fuse: Umask handling problem if FUSE_CAP_DONT_MASK is disabled
@ 2025-11-10 8:31 Xin Wang via B4 Relay
2025-11-25 23:30 ` Bernd Schubert
0 siblings, 1 reply; 2+ messages in thread
From: Xin Wang via B4 Relay @ 2025-11-10 8:31 UTC (permalink / raw)
To: Miklos Szeredi; +Cc: linux-fsdevel, bschubert, gwu, Xin Wang
From: Xin Wang <xwang@ddn.com>
According to umask manpage, it should be ignored if the parent has a
default ACL. But currently, if FUSE_CAP_DONT_MASK is disabled, fuse
always applies umask no matter if the parent has a default ACL or not.
This behaviior is not consistent with the behavior described in the
manpage.
Fix the problem by checking if the parent has a default ACL before
applying umask if FUSE_CAP_DONT_MASK is disabled.
---
We found that there may be a problem about umask handling in fuse code.
According to umask manpage, it should be ignored if the parent has a
default ACL. But currently, if FUSE_CAP_DONT_MASK is disabled, fuse always
applies umask no matter if the parent has a default ACL or not. So, we
think this may be a problem because it is not consistent with the behavior
described in the manpage.
umask manpage:
Alternatively, if the parent directory has a default ACL
(see acl(5)), the umask is ignored, the default ACL is inherited,
the permission bits are set based on the inherited ACL, …
Signed-off-by: Xin Wang <xwang@ddn.com>
---
fs/fuse/dir.c | 42 ++++++++++++++++++++++++++++++++++++------
1 file changed, 36 insertions(+), 6 deletions(-)
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index ecaec0fea3a1..f8ab6d76ae35 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -645,8 +645,18 @@ static int fuse_create_open(struct mnt_idmap *idmap, struct inode *dir,
if (!ff)
goto out_put_forget_req;
- if (!fm->fc->dont_mask)
- mode &= ~current_umask();
+ if (!fm->fc->dont_mask) {
+ /*
+ * If the parent has a default ACL, the umask is
+ * ignored, the default ACL is inherited, the
+ * permission bits are set based on the inherited
+ * default ACL
+ */
+ struct posix_acl *p =
+ get_inode_acl(dir, ACL_TYPE_DEFAULT);
+ if (!p || p == ERR_PTR(-EOPNOTSUPP))
+ mode &= ~current_umask();
+ }
flags &= ~O_NOCTTY;
memset(&inarg, 0, sizeof(inarg));
@@ -872,8 +882,18 @@ static int fuse_mknod(struct mnt_idmap *idmap, struct inode *dir,
struct fuse_mount *fm = get_fuse_mount(dir);
FUSE_ARGS(args);
- if (!fm->fc->dont_mask)
- mode &= ~current_umask();
+ if (!fm->fc->dont_mask) {
+ /*
+ * If the parent has a default ACL, the umask is
+ * ignored, the default ACL is inherited, the
+ * permission bits are set based on the inherited
+ * default ACL
+ */
+ struct posix_acl *p =
+ get_inode_acl(dir, ACL_TYPE_DEFAULT);
+ if (!p || p == ERR_PTR(-EOPNOTSUPP))
+ mode &= ~current_umask();
+ }
memset(&inarg, 0, sizeof(inarg));
inarg.mode = mode;
@@ -919,8 +939,18 @@ static struct dentry *fuse_mkdir(struct mnt_idmap *idmap, struct inode *dir,
struct fuse_mount *fm = get_fuse_mount(dir);
FUSE_ARGS(args);
- if (!fm->fc->dont_mask)
- mode &= ~current_umask();
+ if (!fm->fc->dont_mask) {
+ /*
+ * If the parent has a default ACL, the umask is
+ * ignored, the default ACL is inherited, the
+ * permission bits are set based on the inherited
+ * default ACL
+ */
+ struct posix_acl *p =
+ get_inode_acl(dir, ACL_TYPE_DEFAULT);
+ if (!p || p == ERR_PTR(-EOPNOTSUPP))
+ mode &= ~current_umask();
+ }
memset(&inarg, 0, sizeof(inarg));
inarg.mode = mode;
---
base-commit: 4a0c9b3391999818e2c5b93719699b255be1f682
change-id: 20251110-fuse_acl_umask-af7b44d23658
Best regards,
--
Xin Wang <xwang@ddn.com>
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] fuse: Umask handling problem if FUSE_CAP_DONT_MASK is disabled
2025-11-10 8:31 [PATCH] fuse: Umask handling problem if FUSE_CAP_DONT_MASK is disabled Xin Wang via B4 Relay
@ 2025-11-25 23:30 ` Bernd Schubert
0 siblings, 0 replies; 2+ messages in thread
From: Bernd Schubert @ 2025-11-25 23:30 UTC (permalink / raw)
To: xwang, Miklos Szeredi; +Cc: linux-fsdevel, bschubert, gwu
On 11/10/25 09:31, Xin Wang via B4 Relay wrote:
> From: Xin Wang <xwang@ddn.com>
>
> According to umask manpage, it should be ignored if the parent has a
> default ACL. But currently, if FUSE_CAP_DONT_MASK is disabled, fuse
> always applies umask no matter if the parent has a default ACL or not.
> This behaviior is not consistent with the behavior described in the
> manpage.
>
> Fix the problem by checking if the parent has a default ACL before
> applying umask if FUSE_CAP_DONT_MASK is disabled.
>
> ---
> We found that there may be a problem about umask handling in fuse code.
> According to umask manpage, it should be ignored if the parent has a
> default ACL. But currently, if FUSE_CAP_DONT_MASK is disabled, fuse always
> applies umask no matter if the parent has a default ACL or not. So, we
> think this may be a problem because it is not consistent with the behavior
> described in the manpage.
>
> umask manpage:
> Alternatively, if the parent directory has a default ACL
> (see acl(5)), the umask is ignored, the default ACL is inherited,
> the permission bits are set based on the inherited ACL, …
We had discussed this internally, it is better to just FUSE_DONT_MASK
and FUSE_POSIX_ACL from fuse server.
Confusing in current fuse_fill_super_common() is
/* Handle umasking inside the fuse code */
if (sb->s_flags & SB_POSIXACL) ===> Where is set from
fc->dont_mask = 1;
sb->s_flags |= SB_POSIXACL;
I.e. this assumes libfuse mount or fusermount would set MS_POSIXACL?
Libfuse isn't doing that - maybe we should we add an "acl" mount
option?
Thanks,
Bernd
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-11-25 23:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-10 8:31 [PATCH] fuse: Umask handling problem if FUSE_CAP_DONT_MASK is disabled Xin Wang via B4 Relay
2025-11-25 23:30 ` Bernd Schubert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).