diff options
author | James Morris <jmorris@namei.org> | 2007-04-26 03:12:05 -0400 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2007-04-27 13:57:33 -0400 |
commit | 057f6c019fff9ee290641d50647359bb8898918e (patch) | |
tree | c051a915e2038825dd2f50f24fc28abb3c4a5e79 /include/linux/namei.h | |
parent | 523ded71de0c5e66973335bf99a80edfda9f401b (diff) |
security: prevent permission checking of file removal via sysfs_remove_group()
Prevent permission checking from being performed when the kernel wants to
unconditionally remove a sysfs group, by introducing an kernel-only variant
of lookup_one_len(), lookup_one_len_kern().
Additionally, as sysfs_remove_group() does not check the return value of
the lookup before using it, a BUG_ON has been added to pinpoint the cause
of any problems potentially caused by this (and as a form of annotation).
Signed-off-by: James Morris <jmorris@namei.org>
Cc: Nagendra Singh Tomar <nagendra_tomar@adaptec.com>
Cc: Tejun Heo <htejun@gmail.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'include/linux/namei.h')
-rw-r--r-- | include/linux/namei.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/namei.h b/include/linux/namei.h index d39a5a67e979..b7dd24917f0d 100644 --- a/include/linux/namei.h +++ b/include/linux/namei.h | |||
@@ -82,6 +82,7 @@ extern struct file *nameidata_to_filp(struct nameidata *nd, int flags); | |||
82 | extern void release_open_intent(struct nameidata *); | 82 | extern void release_open_intent(struct nameidata *); |
83 | 83 | ||
84 | extern struct dentry * lookup_one_len(const char *, struct dentry *, int); | 84 | extern struct dentry * lookup_one_len(const char *, struct dentry *, int); |
85 | extern struct dentry *lookup_one_len_kern(const char *, struct dentry *, int); | ||
85 | 86 | ||
86 | extern int follow_down(struct vfsmount **, struct dentry **); | 87 | extern int follow_down(struct vfsmount **, struct dentry **); |
87 | extern int follow_up(struct vfsmount **, struct dentry **); | 88 | extern int follow_up(struct vfsmount **, struct dentry **); |