ovl: remove posix_acl_default from workdir

Clear out posix acl xattrs on workdir and also reset the mode after
creation so that an inherited sgid bit is cleared.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Cc: <stable@vger.kernel.org>

1 files changed, 19 insertions, 0 deletions

diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index 4036132842b5..452fb7130efa 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -814,6 +814,10 @@ retry:
                 struct kstat stat = {
                         .mode = S_IFDIR | 0,
                 };
+                struct iattr attr = {
+                        .ia_valid = ATTR_MODE,
+                        .ia_mode = stat.mode,
+                };
 
                 if (work->d_inode) {
                         err = -EEXIST;
@@ -829,6 +833,21 @@ retry:
                 err = ovl_create_real(dir, work, &stat, NULL, NULL, true);
                 if (err)
                         goto out_dput;
+
+                err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_DEFAULT);
+                if (err && err != -ENODATA)
+                        goto out_dput;
+
+                err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_ACCESS);
+                if (err && err != -ENODATA)
+                        goto out_dput;
+
+                /* Clear any inherited mode bits */
+                inode_lock(work->d_inode);
+                err = notify_change(work, &attr, NULL);
+                inode_unlock(work->d_inode);
+                if (err)
+                        goto out_dput;
         }
 out_unlock:
         inode_unlock(dir);