提交 9c2c7039 编写于 作者: A Al Viro

->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
上级 1fc0f78c
...@@ -101,7 +101,7 @@ int v9fs_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -101,7 +101,7 @@ int v9fs_check_acl(struct inode *inode, int mask, unsigned int flags)
struct posix_acl *acl; struct posix_acl *acl;
struct v9fs_session_info *v9ses; struct v9fs_session_info *v9ses;
if (flags & IPERM_FLAG_RCU) if (mask & MAY_NOT_BLOCK)
return -ECHILD; return -ECHILD;
v9ses = v9fs_inode2v9ses(inode); v9ses = v9fs_inode2v9ses(inode);
......
...@@ -199,10 +199,9 @@ int btrfs_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -199,10 +199,9 @@ int btrfs_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
int error = -EAGAIN; int error = -EAGAIN;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
error = -ECHILD; error = -ECHILD;
} else { } else {
struct posix_acl *acl; struct posix_acl *acl;
acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS); acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS);
......
...@@ -236,7 +236,7 @@ ext2_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -236,7 +236,7 @@ ext2_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
struct posix_acl *acl; struct posix_acl *acl;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
return -EAGAIN; return -EAGAIN;
......
...@@ -244,7 +244,7 @@ ext3_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -244,7 +244,7 @@ ext3_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
struct posix_acl *acl; struct posix_acl *acl;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
return -EAGAIN; return -EAGAIN;
......
...@@ -242,7 +242,7 @@ ext4_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -242,7 +242,7 @@ ext4_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
struct posix_acl *acl; struct posix_acl *acl;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
return -EAGAIN; return -EAGAIN;
......
...@@ -192,7 +192,7 @@ generic_acl_chmod(struct inode *inode) ...@@ -192,7 +192,7 @@ generic_acl_chmod(struct inode *inode)
int int
generic_check_acl(struct inode *inode, int mask, unsigned int flags) generic_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
} else { } else {
......
...@@ -80,7 +80,7 @@ int gfs2_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -80,7 +80,7 @@ int gfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
struct posix_acl *acl; struct posix_acl *acl;
int error; int error;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
return -EAGAIN; return -EAGAIN;
......
...@@ -264,7 +264,7 @@ int jffs2_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -264,7 +264,7 @@ int jffs2_check_acl(struct inode *inode, int mask, unsigned int flags)
struct posix_acl *acl; struct posix_acl *acl;
int rc; int rc;
if (flags & IPERM_FLAG_RCU) if (mask & MAY_NOT_BLOCK)
return -ECHILD; return -ECHILD;
acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS); acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS);
......
...@@ -118,7 +118,7 @@ int jfs_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -118,7 +118,7 @@ int jfs_check_acl(struct inode *inode, int mask, unsigned int flags)
{ {
struct posix_acl *acl; struct posix_acl *acl;
if (flags & IPERM_FLAG_RCU) if (mask & MAY_NOT_BLOCK)
return -ECHILD; return -ECHILD;
acl = jfs_get_acl(inode, ACL_TYPE_ACCESS); acl = jfs_get_acl(inode, ACL_TYPE_ACCESS);
......
...@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag ...@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag
int (*check_acl)(struct inode *inode, int mask, unsigned int flags); int (*check_acl)(struct inode *inode, int mask, unsigned int flags);
unsigned int mode = inode->i_mode; unsigned int mode = inode->i_mode;
mask &= MAY_READ | MAY_WRITE | MAY_EXEC; mask &= MAY_READ | MAY_WRITE | MAY_EXEC | MAY_NOT_BLOCK;
if (current_user_ns() != inode_userns(inode)) if (current_user_ns() != inode_userns(inode))
goto other_perms; goto other_perms;
...@@ -204,7 +204,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag ...@@ -204,7 +204,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag
/* /*
* If the DACs are ok we don't need any capability check. * If the DACs are ok we don't need any capability check.
*/ */
if ((mask & ~mode) == 0) if ((mask & ~mode & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0)
return 0; return 0;
return -EACCES; return -EACCES;
} }
......
...@@ -297,7 +297,7 @@ int ocfs2_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -297,7 +297,7 @@ int ocfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
struct posix_acl *acl; struct posix_acl *acl;
int ret = -EAGAIN; int ret = -EAGAIN;
if (flags & IPERM_FLAG_RCU) if (mask & MAY_NOT_BLOCK)
return -ECHILD; return -ECHILD;
osb = OCFS2_SB(inode->i_sb); osb = OCFS2_SB(inode->i_sb);
......
...@@ -879,7 +879,7 @@ int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -879,7 +879,7 @@ int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags)
if (get_inode_sd_version(inode) == STAT_DATA_V1) if (get_inode_sd_version(inode) == STAT_DATA_V1)
return -EAGAIN; return -EAGAIN;
if (flags & IPERM_FLAG_RCU) if (mask & MAY_NOT_BLOCK)
return -ECHILD; return -ECHILD;
acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS); acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS);
......
...@@ -235,7 +235,7 @@ xfs_check_acl(struct inode *inode, int mask, unsigned int flags) ...@@ -235,7 +235,7 @@ xfs_check_acl(struct inode *inode, int mask, unsigned int flags)
if (!XFS_IFORK_Q(ip)) if (!XFS_IFORK_Q(ip))
return -EAGAIN; return -EAGAIN;
if (flags & IPERM_FLAG_RCU) { if (mask & MAY_NOT_BLOCK) {
if (!negative_cached_acl(inode, ACL_TYPE_ACCESS)) if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
return -ECHILD; return -ECHILD;
return -EAGAIN; return -EAGAIN;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册