aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2011-06-20 19:06:22 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2011-07-20 01:43:19 -0400
commit9c2c703929e4c41210cfa6e3f599514421bab8dc (patch)
tree2086738f22755ad18ba18ab2ee0f2b23d651da60 /fs
parent1fc0f78ca9f311c6277e2f1b7655bb4d43ceb311 (diff)
->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r--fs/9p/acl.c2
-rw-r--r--fs/btrfs/acl.c3
-rw-r--r--fs/ext2/acl.c2
-rw-r--r--fs/ext3/acl.c2
-rw-r--r--fs/ext4/acl.c2
-rw-r--r--fs/generic_acl.c2
-rw-r--r--fs/gfs2/acl.c2
-rw-r--r--fs/jffs2/acl.c2
-rw-r--r--fs/jfs/acl.c2
-rw-r--r--fs/namei.c4
-rw-r--r--fs/ocfs2/acl.c2
-rw-r--r--fs/reiserfs/xattr.c2
-rw-r--r--fs/xfs/linux-2.6/xfs_acl.c2
13 files changed, 14 insertions, 15 deletions
diff --git a/fs/9p/acl.c b/fs/9p/acl.c
index 535ab6eccb1a..94af68b092af 100644
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -101,7 +101,7 @@ int v9fs_check_acl(struct inode *inode, int mask, unsigned int flags)
101 struct posix_acl *acl; 101 struct posix_acl *acl;
102 struct v9fs_session_info *v9ses; 102 struct v9fs_session_info *v9ses;
103 103
104 if (flags & IPERM_FLAG_RCU) 104 if (mask & MAY_NOT_BLOCK)
105 return -ECHILD; 105 return -ECHILD;
106 106
107 v9ses = v9fs_inode2v9ses(inode); 107 v9ses = v9fs_inode2v9ses(inode);
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index f66fc9959733..a25a4a2e0df2 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -199,10 +199,9 @@ int btrfs_check_acl(struct inode *inode, int mask, unsigned int flags)
199{ 199{
200 int error = -EAGAIN; 200 int error = -EAGAIN;
201 201
202 if (flags & IPERM_FLAG_RCU) { 202 if (mask & MAY_NOT_BLOCK) {
203 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 203 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
204 error = -ECHILD; 204 error = -ECHILD;
205
206 } else { 205 } else {
207 struct posix_acl *acl; 206 struct posix_acl *acl;
208 acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS); 207 acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index abea5a17c764..6b9442d1be52 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -236,7 +236,7 @@ ext2_check_acl(struct inode *inode, int mask, unsigned int flags)
236{ 236{
237 struct posix_acl *acl; 237 struct posix_acl *acl;
238 238
239 if (flags & IPERM_FLAG_RCU) { 239 if (mask & MAY_NOT_BLOCK) {
240 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 240 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
241 return -ECHILD; 241 return -ECHILD;
242 return -EAGAIN; 242 return -EAGAIN;
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index 9d021c0d472a..0a6940d6c30c 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -244,7 +244,7 @@ ext3_check_acl(struct inode *inode, int mask, unsigned int flags)
244{ 244{
245 struct posix_acl *acl; 245 struct posix_acl *acl;
246 246
247 if (flags & IPERM_FLAG_RCU) { 247 if (mask & MAY_NOT_BLOCK) {
248 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 248 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
249 return -ECHILD; 249 return -ECHILD;
250 return -EAGAIN; 250 return -EAGAIN;
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 21eacd7b7d79..4f54252e439e 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -242,7 +242,7 @@ ext4_check_acl(struct inode *inode, int mask, unsigned int flags)
242{ 242{
243 struct posix_acl *acl; 243 struct posix_acl *acl;
244 244
245 if (flags & IPERM_FLAG_RCU) { 245 if (mask & MAY_NOT_BLOCK) {
246 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 246 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
247 return -ECHILD; 247 return -ECHILD;
248 return -EAGAIN; 248 return -EAGAIN;
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index 8f26d1a58912..5976bb1fa4ca 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -192,7 +192,7 @@ generic_acl_chmod(struct inode *inode)
192int 192int
193generic_check_acl(struct inode *inode, int mask, unsigned int flags) 193generic_check_acl(struct inode *inode, int mask, unsigned int flags)
194{ 194{
195 if (flags & IPERM_FLAG_RCU) { 195 if (mask & MAY_NOT_BLOCK) {
196 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 196 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
197 return -ECHILD; 197 return -ECHILD;
198 } else { 198 } else {
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index cbc07155b1a0..4d97352d39a1 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -80,7 +80,7 @@ int gfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
80 struct posix_acl *acl; 80 struct posix_acl *acl;
81 int error; 81 int error;
82 82
83 if (flags & IPERM_FLAG_RCU) { 83 if (mask & MAY_NOT_BLOCK) {
84 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 84 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
85 return -ECHILD; 85 return -ECHILD;
86 return -EAGAIN; 86 return -EAGAIN;
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c
index 828a0e1ea438..952afb59e6f1 100644
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -264,7 +264,7 @@ int jffs2_check_acl(struct inode *inode, int mask, unsigned int flags)
264 struct posix_acl *acl; 264 struct posix_acl *acl;
265 int rc; 265 int rc;
266 266
267 if (flags & IPERM_FLAG_RCU) 267 if (mask & MAY_NOT_BLOCK)
268 return -ECHILD; 268 return -ECHILD;
269 269
270 acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS); 270 acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c
index e5de9422fa32..859ae5a92166 100644
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -118,7 +118,7 @@ int jfs_check_acl(struct inode *inode, int mask, unsigned int flags)
118{ 118{
119 struct posix_acl *acl; 119 struct posix_acl *acl;
120 120
121 if (flags & IPERM_FLAG_RCU) 121 if (mask & MAY_NOT_BLOCK)
122 return -ECHILD; 122 return -ECHILD;
123 123
124 acl = jfs_get_acl(inode, ACL_TYPE_ACCESS); 124 acl = jfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/namei.c b/fs/namei.c
index 723a3fe4bc40..e0624e2f0bba 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag
181 int (*check_acl)(struct inode *inode, int mask, unsigned int flags); 181 int (*check_acl)(struct inode *inode, int mask, unsigned int flags);
182 unsigned int mode = inode->i_mode; 182 unsigned int mode = inode->i_mode;
183 183
184 mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 184 mask &= MAY_READ | MAY_WRITE | MAY_EXEC | MAY_NOT_BLOCK;
185 185
186 if (current_user_ns() != inode_userns(inode)) 186 if (current_user_ns() != inode_userns(inode))
187 goto other_perms; 187 goto other_perms;
@@ -204,7 +204,7 @@ other_perms:
204 /* 204 /*
205 * If the DACs are ok we don't need any capability check. 205 * If the DACs are ok we don't need any capability check.
206 */ 206 */
207 if ((mask & ~mode) == 0) 207 if ((mask & ~mode & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0)
208 return 0; 208 return 0;
209 return -EACCES; 209 return -EACCES;
210} 210}
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
index e913ad130fdd..4b683ccc4506 100644
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -297,7 +297,7 @@ int ocfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
297 struct posix_acl *acl; 297 struct posix_acl *acl;
298 int ret = -EAGAIN; 298 int ret = -EAGAIN;
299 299
300 if (flags & IPERM_FLAG_RCU) 300 if (mask & MAY_NOT_BLOCK)
301 return -ECHILD; 301 return -ECHILD;
302 302
303 osb = OCFS2_SB(inode->i_sb); 303 osb = OCFS2_SB(inode->i_sb);
diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c
index ddc5301d2986..6747470ec103 100644
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -879,7 +879,7 @@ int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags)
879 if (get_inode_sd_version(inode) == STAT_DATA_V1) 879 if (get_inode_sd_version(inode) == STAT_DATA_V1)
880 return -EAGAIN; 880 return -EAGAIN;
881 881
882 if (flags & IPERM_FLAG_RCU) 882 if (mask & MAY_NOT_BLOCK)
883 return -ECHILD; 883 return -ECHILD;
884 884
885 acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS); 885 acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/xfs/linux-2.6/xfs_acl.c b/fs/xfs/linux-2.6/xfs_acl.c
index 39f4f809bb68..278e6736135a 100644
--- a/fs/xfs/linux-2.6/xfs_acl.c
+++ b/fs/xfs/linux-2.6/xfs_acl.c
@@ -235,7 +235,7 @@ xfs_check_acl(struct inode *inode, int mask, unsigned int flags)
235 if (!XFS_IFORK_Q(ip)) 235 if (!XFS_IFORK_Q(ip))
236 return -EAGAIN; 236 return -EAGAIN;
237 237
238 if (flags & IPERM_FLAG_RCU) { 238 if (mask & MAY_NOT_BLOCK) {
239 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) 239 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
240 return -ECHILD; 240 return -ECHILD;
241 return -EAGAIN; 241 return -EAGAIN;