diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-20 19:06:22 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 01:43:19 -0400 |
commit | 9c2c703929e4c41210cfa6e3f599514421bab8dc (patch) | |
tree | 2086738f22755ad18ba18ab2ee0f2b23d651da60 /fs/namei.c | |
parent | 1fc0f78ca9f311c6277e2f1b7655bb4d43ceb311 (diff) |
->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/namei.c')
-rw-r--r-- | fs/namei.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c index 723a3fe4bc40..e0624e2f0bba 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag | |||
181 | int (*check_acl)(struct inode *inode, int mask, unsigned int flags); | 181 | int (*check_acl)(struct inode *inode, int mask, unsigned int flags); |
182 | unsigned int mode = inode->i_mode; | 182 | unsigned int mode = inode->i_mode; |
183 | 183 | ||
184 | mask &= MAY_READ | MAY_WRITE | MAY_EXEC; | 184 | mask &= MAY_READ | MAY_WRITE | MAY_EXEC | MAY_NOT_BLOCK; |
185 | 185 | ||
186 | if (current_user_ns() != inode_userns(inode)) | 186 | if (current_user_ns() != inode_userns(inode)) |
187 | goto other_perms; | 187 | goto other_perms; |
@@ -204,7 +204,7 @@ other_perms: | |||
204 | /* | 204 | /* |
205 | * If the DACs are ok we don't need any capability check. | 205 | * If the DACs are ok we don't need any capability check. |
206 | */ | 206 | */ |
207 | if ((mask & ~mode) == 0) | 207 | if ((mask & ~mode & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0) |
208 | return 0; | 208 | return 0; |
209 | return -EACCES; | 209 | return -EACCES; |
210 | } | 210 | } |