udf: augment UDF permissions on new inodes

Windows presents files created within Linux as read-only, even when
permissions in Linux indicate the file should be writable.

UDF defines a slightly different set of basic file permissions than Linux.
Specifically, UDF has "delete" and "change attribute" permissions for each
access class (user/group/other). Linux has no equivalents for these.

When the Linux UDF driver creates a file (or directory), no UDF delete or
change attribute permissions are granted. The lack of delete permission
appears to cause Windows to mark an item read-only when its permissions
otherwise indicate that it should be read-write.

Fix this by having UDF delete permissions track Linux write permissions.
Also grant UDF change attribute permission to the owner when creating a
new inode.

Reported by: Ty Young
Signed-off-by: Steven J. Magnani <steve@digidescorp.com>
Link: https://lore.kernel.org/r/20190827121359.9954-1-steve@digidescorp.com
Signed-off-by: Jan Kara <jack@suse.cz>
This commit is contained in:
Steven J. Magnani 2019-08-27 07:13:59 -05:00 committed by Jan Kara
parent 8cbd9af9d2
commit c3367a1b47
5 changed files with 35 additions and 4 deletions

View File

@ -280,6 +280,9 @@ static int udf_setattr(struct dentry *dentry, struct iattr *attr)
return error; return error;
} }
if (attr->ia_valid & ATTR_MODE)
udf_update_extra_perms(inode, attr->ia_mode);
setattr_copy(inode, attr); setattr_copy(inode, attr);
mark_inode_dirty(inode); mark_inode_dirty(inode);
return 0; return 0;

View File

@ -118,6 +118,9 @@ struct inode *udf_new_inode(struct inode *dir, umode_t mode)
iinfo->i_lenAlloc = 0; iinfo->i_lenAlloc = 0;
iinfo->i_use = 0; iinfo->i_use = 0;
iinfo->i_checkpoint = 1; iinfo->i_checkpoint = 1;
iinfo->i_extraPerms = FE_PERM_U_CHATTR;
udf_update_extra_perms(inode, mode);
if (UDF_QUERY_FLAG(inode->i_sb, UDF_FLAG_USE_AD_IN_ICB)) if (UDF_QUERY_FLAG(inode->i_sb, UDF_FLAG_USE_AD_IN_ICB))
iinfo->i_alloc_type = ICBTAG_FLAG_AD_IN_ICB; iinfo->i_alloc_type = ICBTAG_FLAG_AD_IN_ICB;
else if (UDF_QUERY_FLAG(inode->i_sb, UDF_FLAG_USE_SHORT_AD)) else if (UDF_QUERY_FLAG(inode->i_sb, UDF_FLAG_USE_SHORT_AD))

View File

@ -45,6 +45,13 @@
#define EXTENT_MERGE_SIZE 5 #define EXTENT_MERGE_SIZE 5
#define FE_MAPPED_PERMS (FE_PERM_U_READ | FE_PERM_U_WRITE | FE_PERM_U_EXEC | \
FE_PERM_G_READ | FE_PERM_G_WRITE | FE_PERM_G_EXEC | \
FE_PERM_O_READ | FE_PERM_O_WRITE | FE_PERM_O_EXEC)
#define FE_DELETE_PERMS (FE_PERM_U_DELETE | FE_PERM_G_DELETE | \
FE_PERM_O_DELETE)
static umode_t udf_convert_permissions(struct fileEntry *); static umode_t udf_convert_permissions(struct fileEntry *);
static int udf_update_inode(struct inode *, int); static int udf_update_inode(struct inode *, int);
static int udf_sync_inode(struct inode *inode); static int udf_sync_inode(struct inode *inode);
@ -1458,6 +1465,8 @@ reread:
else else
inode->i_mode = udf_convert_permissions(fe); inode->i_mode = udf_convert_permissions(fe);
inode->i_mode &= ~sbi->s_umask; inode->i_mode &= ~sbi->s_umask;
iinfo->i_extraPerms = le32_to_cpu(fe->permissions) & ~FE_MAPPED_PERMS;
read_unlock(&sbi->s_cred_lock); read_unlock(&sbi->s_cred_lock);
link_count = le16_to_cpu(fe->fileLinkCount); link_count = le16_to_cpu(fe->fileLinkCount);
@ -1631,6 +1640,23 @@ static umode_t udf_convert_permissions(struct fileEntry *fe)
return mode; return mode;
} }
void udf_update_extra_perms(struct inode *inode, umode_t mode)
{
struct udf_inode_info *iinfo = UDF_I(inode);
/*
* UDF 2.01 sec. 3.3.3.3 Note 2:
* In Unix, delete permission tracks write
*/
iinfo->i_extraPerms &= ~FE_DELETE_PERMS;
if (mode & 0200)
iinfo->i_extraPerms |= FE_PERM_U_DELETE;
if (mode & 0020)
iinfo->i_extraPerms |= FE_PERM_G_DELETE;
if (mode & 0002)
iinfo->i_extraPerms |= FE_PERM_O_DELETE;
}
int udf_write_inode(struct inode *inode, struct writeback_control *wbc) int udf_write_inode(struct inode *inode, struct writeback_control *wbc)
{ {
return udf_update_inode(inode, wbc->sync_mode == WB_SYNC_ALL); return udf_update_inode(inode, wbc->sync_mode == WB_SYNC_ALL);
@ -1703,10 +1729,7 @@ static int udf_update_inode(struct inode *inode, int do_sync)
((inode->i_mode & 0070) << 2) | ((inode->i_mode & 0070) << 2) |
((inode->i_mode & 0700) << 4); ((inode->i_mode & 0700) << 4);
udfperms |= (le32_to_cpu(fe->permissions) & udfperms |= iinfo->i_extraPerms;
(FE_PERM_O_DELETE | FE_PERM_O_CHATTR |
FE_PERM_G_DELETE | FE_PERM_G_CHATTR |
FE_PERM_U_DELETE | FE_PERM_U_CHATTR));
fe->permissions = cpu_to_le32(udfperms); fe->permissions = cpu_to_le32(udfperms);
if (S_ISDIR(inode->i_mode) && inode->i_nlink > 0) if (S_ISDIR(inode->i_mode) && inode->i_nlink > 0)

View File

@ -38,6 +38,7 @@ struct udf_inode_info {
__u32 i_next_alloc_block; __u32 i_next_alloc_block;
__u32 i_next_alloc_goal; __u32 i_next_alloc_goal;
__u32 i_checkpoint; __u32 i_checkpoint;
__u32 i_extraPerms;
unsigned i_alloc_type : 3; unsigned i_alloc_type : 3;
unsigned i_efe : 1; /* extendedFileEntry */ unsigned i_efe : 1; /* extendedFileEntry */
unsigned i_use : 1; /* unallocSpaceEntry */ unsigned i_use : 1; /* unallocSpaceEntry */

View File

@ -170,6 +170,7 @@ extern int8_t udf_next_aext(struct inode *, struct extent_position *,
struct kernel_lb_addr *, uint32_t *, int); struct kernel_lb_addr *, uint32_t *, int);
extern int8_t udf_current_aext(struct inode *, struct extent_position *, extern int8_t udf_current_aext(struct inode *, struct extent_position *,
struct kernel_lb_addr *, uint32_t *, int); struct kernel_lb_addr *, uint32_t *, int);
extern void udf_update_extra_perms(struct inode *inode, umode_t mode);
/* misc.c */ /* misc.c */
extern struct buffer_head *udf_tgetblk(struct super_block *sb, extern struct buffer_head *udf_tgetblk(struct super_block *sb,