diff options
author | Theodore Ts'o <tytso@mit.edu> | 2011-12-21 14:14:31 -0500 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2011-12-21 14:14:31 -0500 |
commit | 22cdfca5641817060dd724a9c30442f5c0675fcd (patch) | |
tree | 1202eac61dc5a04027228f375d24cf025ed6b47d /fs/ext4/ioctl.c | |
parent | 8c48f7e88e293b9dd422bd8884842aea85d30b22 (diff) |
ext4: remove unneeded file_remove_suid() from ext4_ioctl()
In the code to support EXT4_IOC_MOVE_EXT, ext4_ioctl calls
file_remove_suid() after the call to ext4_move_extents() if any
extents has been moved. There are at least three things wrong with
this. First, file_remove_suid() should be called with i_mutex down,
which is not here. Second, it should be called before the donor file
has been modified, to avoid a potential race condition. Third, and
most importantly, it's pointless, because ext4_file_extents() already
checks if the donor file has the setuid or setgid bit set, and will
return an error in that case. So the first two objections don't
really matter, since file_remove_suid() will never need to modify the
inode in any case.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/ioctl.c')
-rw-r--r-- | fs/ext4/ioctl.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index a56796814d6a..ff1aab7cd6e8 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c | |||
@@ -247,8 +247,6 @@ setversion_out: | |||
247 | err = ext4_move_extents(filp, donor_filp, me.orig_start, | 247 | err = ext4_move_extents(filp, donor_filp, me.orig_start, |
248 | me.donor_start, me.len, &me.moved_len); | 248 | me.donor_start, me.len, &me.moved_len); |
249 | mnt_drop_write(filp->f_path.mnt); | 249 | mnt_drop_write(filp->f_path.mnt); |
250 | if (me.moved_len > 0) | ||
251 | file_remove_suid(donor_filp); | ||
252 | 250 | ||
253 | if (copy_to_user((struct move_extent __user *)arg, | 251 | if (copy_to_user((struct move_extent __user *)arg, |
254 | &me, sizeof(me))) | 252 | &me, sizeof(me))) |