aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeff Mahoney <jeffm@suse.com>2008-05-02 15:03:58 -0400
committerChris Mason <chris.mason@oracle.com>2008-09-25 11:04:02 -0400
commit12fa8ec64f445aa932ba154053fe95432f30f2c6 (patch)
treebcc8b5799bfb81da13bc6ce7a65b281e7374dd5e
parentbb8885cc0aa6b1606143d92c70762b16026016a5 (diff)
Btrfs: Add workaround for AppArmor changing remove_suid()
In openSUSE 10.3, AppArmor modifies remove_suid to take a struct path rather than just a dentry. This patch tests that the kernel is openSUSE 10.3 or newer and adjusts the call accordingly. Debian/Ubuntu with AppArmor applied will also need a similar patch. Maintainers of btrfs under those distributions should build on this patch or, alternatively, alter their package descriptions to add -DREMOVE_SUID_PATH to the compiler command line. Signed-off-by: Jeff Mahoney <jeffm@suse.com> - --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ b/compat.h 2008-02-06 16:46:13.000000000 -0500 @@ -0,0 +1,15 @@ +#ifndef _COMPAT_H_ +#define _COMPAT_H_ + + +/* + * Even if AppArmor isn't enabled, it still has different prototypes. + * Add more distro/version pairs here to declare which has AppArmor applied. + */ +#if defined(CONFIG_SUSE_KERNEL) +# if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22) +# define REMOVE_SUID_PATH 1 +# endif +#endif + +#endif /* _COMPAT_H_ */ - --- a/file.c 2008-02-06 11:37:39.000000000 -0500 +++ b/file.c 2008-02-06 16:46:23.000000000 -0500 @@ -37,6 +37,7 @@ #include "ordered-data.h" #include "ioctl.h" #include "print-tree.h" +#include "compat.h" static int btrfs_copy_from_user(loff_t pos, int num_pages, int write_bytes, @@ -790,7 +791,11 @@ static ssize_t btrfs_file_write(struct f goto out_nolock; if (count == 0) goto out_nolock; +#ifdef REMOVE_SUID_PATH + err = remove_suid(&file->f_path); +#else err = remove_suid(fdentry(file)); +#endif if (err) goto out_nolock; file_update_time(file); Signed-off-by: Chris Mason <chris.mason@oracle.com>
-rw-r--r--fs/btrfs/compat.h25
-rw-r--r--fs/btrfs/file.c5
2 files changed, 30 insertions, 0 deletions
diff --git a/fs/btrfs/compat.h b/fs/btrfs/compat.h
new file mode 100644
index 000000000000..d39a768e65ff
--- /dev/null
+++ b/fs/btrfs/compat.h
@@ -0,0 +1,25 @@
1#ifndef _COMPAT_H_
2#define _COMPAT_H_
3
4
5/*
6 * Even if AppArmor isn't enabled, it still has different prototypes.
7 * Add more distro/version pairs here to declare which has AppArmor applied.
8 */
9#if defined(CONFIG_SUSE_KERNEL)
10# if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
11# define REMOVE_SUID_PATH 1
12# endif
13#endif
14
15/*
16 * catch any other distros that have patched in apparmor. This isn't
17 * 100% reliable because it won't catch people that hand compile their
18 * own distro kernels without apparmor compiled in. But, it is better
19 * than nothing.
20 */
21#ifdef CONFIG_SECURITY_APPARMOR
22# define REMOVE_SUID_PATH 1
23#endif
24
25#endif /* _COMPAT_H_ */
diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c
index c89c3ac4b23b..df97d470812a 100644
--- a/fs/btrfs/file.c
+++ b/fs/btrfs/file.c
@@ -37,6 +37,7 @@
37#include "ordered-data.h" 37#include "ordered-data.h"
38#include "ioctl.h" 38#include "ioctl.h"
39#include "print-tree.h" 39#include "print-tree.h"
40#include "compat.h"
40 41
41 42
42static int btrfs_copy_from_user(loff_t pos, int num_pages, int write_bytes, 43static int btrfs_copy_from_user(loff_t pos, int num_pages, int write_bytes,
@@ -852,7 +853,11 @@ static ssize_t btrfs_file_write(struct file *file, const char __user *buf,
852 goto out_nolock; 853 goto out_nolock;
853 if (count == 0) 854 if (count == 0)
854 goto out_nolock; 855 goto out_nolock;
856#ifdef REMOVE_SUID_PATH
857 err = remove_suid(&file->f_path);
858#else
855 err = remove_suid(fdentry(file)); 859 err = remove_suid(fdentry(file));
860#endif
856 if (err) 861 if (err)
857 goto out_nolock; 862 goto out_nolock;
858 file_update_time(file); 863 file_update_time(file);