From: Steve French <sfrench@us.ibm.com>
Date: Fri, 2 Nov 2007 02:30:35 +0000 (+0100)
Subject: CIFS should honour umask (CVE-2007-3740)
X-Git-Tag: v2.6.16.57-rc1~13
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=da8262844e325cc9361114c55e8507c1fee54941;p=karo-tx-linux.git

CIFS should honour umask (CVE-2007-3740)

This patch makes CIFS honour a process' umask like other filesystems.
Of course the server is still free to munge the permissions if it wants
to; but the client will send the "right" permissions to begin with.

A few caveats:

1) It only applies to filesystems that have CAP_UNIX (aka support unix
extensions)
2) It applies the correct mode to the follow up CIFSSMBUnixSetPerms()
after remote creation

When mode to CIFS/NTFS ACL mapping is complete we can do the
same thing for that case for servers which do not
support the Unix Extensions.

Signed-off-by: Matt Keenen <matt@opcode-solutions.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
---

diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index 749d6fb488e2..b1bc91cb98a0 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -198,7 +198,8 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
 		/* If Open reported that we actually created a file
 		then we now have to set the mode if possible */
 		if ((cifs_sb->tcon->ses->capabilities & CAP_UNIX) &&
-			(oplock & CIFS_CREATE_ACTION))
+			(oplock & CIFS_CREATE_ACTION)) {
+			mode &= ~current->fs->umask;
 			if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
 				CIFSSMBUnixSetPerms(xid, pTcon, full_path, mode,
 					(__u64)current->fsuid,
@@ -216,7 +217,7 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
 					cifs_sb->mnt_cifs_flags & 
 						CIFS_MOUNT_MAP_SPECIAL_CHR);
 			}
-		else {
+		} else {
 			/* BB implement mode setting via Windows security descriptors */
 			/* eg CIFSSMBWinSetPerms(xid,pTcon,full_path,mode,-1,-1,local_nls);*/
 			/* could set r/o dos attribute if mode & 0222 == 0 */
@@ -324,6 +325,7 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode,
 	if(full_path == NULL)
 		rc = -ENOMEM;
 	else if (pTcon->ses->capabilities & CAP_UNIX) {
+		mode &= ~current->fs->umask;
 		if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
 			rc = CIFSSMBUnixSetPerms(xid, pTcon, full_path,
 				mode,(__u64)current->fsuid,(__u64)current->fsgid,
diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
index f94b411f78b8..e63079d71b07 100644
--- a/fs/cifs/inode.c
+++ b/fs/cifs/inode.c
@@ -752,7 +752,8 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode)
 		d_instantiate(direntry, newinode);
 		if (direntry->d_inode)
 			direntry->d_inode->i_nlink = 2;
-		if (cifs_sb->tcon->ses->capabilities & CAP_UNIX)
+		if (cifs_sb->tcon->ses->capabilities & CAP_UNIX) {
+			mode &= ~current->fs->umask;
 			if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
 				CIFSSMBUnixSetPerms(xid, pTcon, full_path,
 						    mode,
@@ -770,7 +771,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode)
 						    cifs_sb->mnt_cifs_flags & 
 						    CIFS_MOUNT_MAP_SPECIAL_CHR);
 			}
-		else {
+		} else {
 			/* BB to be implemented via Windows secrty descriptors
 			   eg CIFSSMBWinSetPerms(xid, pTcon, full_path, mode,
 						 -1, -1, local_nls); */