aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorMiklos Szeredi <mszeredi@suse.cz>2007-10-18 06:06:58 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-18 17:37:29 -0400
commite57ac68378a287d6336d187b26971f35f7ee7251 (patch)
tree12b9ae8cc79af2d0100582e6f933aba0f4619663 /fs
parent42a2b6ad71b011144d21d88a124140bb2bf1023f (diff)
fuse: fix allowing operations
The following operation didn't check if sending the request was allowed: setattr listxattr statfs Some other operations don't explicitly do the check, but VFS calls ->permission() which checks this. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/fuse/dir.c8
-rw-r--r--fs/fuse/fuse_i.h5
-rw-r--r--fs/fuse/inode.c5
3 files changed, 17 insertions, 1 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index d1acab93133..b18e06daeff 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -721,7 +721,7 @@ static int fuse_refresh_attributes(struct inode *inode)
721 * for which the owner of the mount has ptrace privilege. This 721 * for which the owner of the mount has ptrace privilege. This
722 * excludes processes started by other users, suid or sgid processes. 722 * excludes processes started by other users, suid or sgid processes.
723 */ 723 */
724static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) 724int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
725{ 725{
726 if (fc->flags & FUSE_ALLOW_OTHER) 726 if (fc->flags & FUSE_ALLOW_OTHER)
727 return 1; 727 return 1;
@@ -1005,6 +1005,9 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1005 struct fuse_attr_out outarg; 1005 struct fuse_attr_out outarg;
1006 int err; 1006 int err;
1007 1007
1008 if (!fuse_allow_task(fc, current))
1009 return -EACCES;
1010
1008 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { 1011 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
1009 err = inode_change_ok(inode, attr); 1012 err = inode_change_ok(inode, attr);
1010 if (err) 1013 if (err)
@@ -1172,6 +1175,9 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
1172 struct fuse_getxattr_out outarg; 1175 struct fuse_getxattr_out outarg;
1173 ssize_t ret; 1176 ssize_t ret;
1174 1177
1178 if (!fuse_allow_task(fc, current))
1179 return -EACCES;
1180
1175 if (fc->no_listxattr) 1181 if (fc->no_listxattr)
1176 return -EOPNOTSUPP; 1182 return -EOPNOTSUPP;
1177 1183
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h
index 1764506fdd1..e7464b8ebbf 100644
--- a/fs/fuse/fuse_i.h
+++ b/fs/fuse/fuse_i.h
@@ -565,3 +565,8 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc);
565 * Is file type valid? 565 * Is file type valid?
566 */ 566 */
567int fuse_valid_type(int m); 567int fuse_valid_type(int m);
568
569/**
570 * Is task allowed to perform filesystem operation?
571 */
572int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task);
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index fd0735715c1..00bb5a255de 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -287,6 +287,11 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
287 struct fuse_statfs_out outarg; 287 struct fuse_statfs_out outarg;
288 int err; 288 int err;
289 289
290 if (!fuse_allow_task(fc, current)) {
291 buf->f_type = FUSE_SUPER_MAGIC;
292 return 0;
293 }
294
290 req = fuse_get_req(fc); 295 req = fuse_get_req(fc);
291 if (IS_ERR(req)) 296 if (IS_ERR(req))
292 return PTR_ERR(req); 297 return PTR_ERR(req);