From: Namjae Jeon <namjae.jeon@samsung.com> mainline inclusion from mainline-5.15-rc1 commit a9a27d4ab3de2a6a81bad4b158c74a554d78e89b category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I60T7G CVE: NA Reference: https://git.kernel.org/torvalds/linux/c/a9a27d4ab3de ------------------------------- When there is no dacl in request, ksmbd send dacl that coverted by using file permission. This patch don't set FILE DELETE and FILE_DELETE_CHILD in access mask by default. Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Steve French <stfrench@microsoft.com> Signed-off-by: Jason Yan <yanaijie@huawei.com> Signed-off-by: Zhong Jinghua <zhongjinghua@huawei.com> --- fs/ksmbd/smbacl.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c index f6019f0dc8fd..49411e791b08 100644 --- a/fs/ksmbd/smbacl.c +++ b/fs/ksmbd/smbacl.c @@ -716,7 +716,6 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr) ace_size = fill_ace_for_sid(pace, sid, ACCESS_ALLOWED, 0, fattr->cf_mode, 0700); pace->sid.sub_auth[pace->sid.num_subauth++] = cpu_to_le32(uid); - pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE; pace->size = cpu_to_le16(ace_size + 4); size += le16_to_cpu(pace->size); pace = (struct smb_ace *)((char *)pndace + size); @@ -737,7 +736,6 @@ static void set_mode_dacl(struct smb_acl *pndacl, struct smb_fattr *fattr) /* creator owner */ size += fill_ace_for_sid(pace, &creator_owner, ACCESS_ALLOWED, 0x0b, fattr->cf_mode, 0700); - pace->access_req |= FILE_DELETE_LE | FILE_DELETE_CHILD_LE; pace = (struct smb_ace *)((char *)pndace + size); /* creator group */ -- 2.31.1