->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()

author Al Viro <viro@zeniv.linux.org.uk>

Mon, 20 Jun 2011 23:06:22 +0000 (19:06 -0400)

committer Al Viro <viro@zeniv.linux.org.uk>

Wed, 20 Jul 2011 05:43:19 +0000 (01:43 -0400)
author Al Viro <viro@zeniv.linux.org.uk>
Mon, 20 Jun 2011 23:06:22 +0000 (19:06 -0400)
committer Al Viro <viro@zeniv.linux.org.uk>
Wed, 20 Jul 2011 05:43:19 +0000 (01:43 -0400)
diff --git a/fs/9p/acl.c b/fs/9p/acl.c

index 535ab6e..94af68b 100644 (file)
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -101,7 +101,7 @@ int v9fs_check_acl(struct inode *inode, int mask, unsigned int flags)
         struct posix_acl *acl;
         struct v9fs_session_info *v9ses;
  
-       if (flags & IPERM_FLAG_RCU)
+       if (mask & MAY_NOT_BLOCK)
                 return -ECHILD;
  
         v9ses = v9fs_inode2v9ses(inode);
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c

index f66fc99..a25a4a2 100644 (file)
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -199,10 +199,9 @@ int btrfs_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
         int error = -EAGAIN;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         error = -ECHILD;
-
         } else {
                 struct posix_acl *acl;
                 acl = btrfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c

index abea5a1..6b9442d 100644 (file)
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -236,7 +236,7 @@ ext2_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
         struct posix_acl *acl;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
                 return -EAGAIN;
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c

index 9d021c0..0a6940d 100644 (file)
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -244,7 +244,7 @@ ext3_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
         struct posix_acl *acl;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
                 return -EAGAIN;
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c

index 21eacd7..4f54252 100644 (file)
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -242,7 +242,7 @@ ext4_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
         struct posix_acl *acl;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
                 return -EAGAIN;
diff --git a/fs/generic_acl.c b/fs/generic_acl.c

index 8f26d1a..5976bb1 100644 (file)
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -192,7 +192,7 @@ generic_acl_chmod(struct inode *inode)
  int
  generic_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
         } else {
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c

index cbc0715..4d97352 100644 (file)
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -80,7 +80,7 @@ int gfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
         struct posix_acl *acl;
         int error;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
                 return -EAGAIN;
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c

index 828a0e1..952afb5 100644 (file)
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -264,7 +264,7 @@ int jffs2_check_acl(struct inode *inode, int mask, unsigned int flags)
         struct posix_acl *acl;
         int rc;
  
-       if (flags & IPERM_FLAG_RCU)
+       if (mask & MAY_NOT_BLOCK)
                 return -ECHILD;
  
         acl = jffs2_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c

index e5de942..859ae5a 100644 (file)
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -118,7 +118,7 @@ int jfs_check_acl(struct inode *inode, int mask, unsigned int flags)
  {
         struct posix_acl *acl;
  
-       if (flags & IPERM_FLAG_RCU)
+       if (mask & MAY_NOT_BLOCK)
                 return -ECHILD;
  
         acl = jfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/namei.c b/fs/namei.c

index 723a3fe..e0624e2 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag
         int (*check_acl)(struct inode *inode, int mask, unsigned int flags);
         unsigned int mode = inode->i_mode;
  
-       mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
+       mask &= MAY_READ | MAY_WRITE | MAY_EXEC | MAY_NOT_BLOCK;
  
         if (current_user_ns() != inode_userns(inode))
                 goto other_perms;
@@ -204,7 +204,7 @@ other_perms:
         /*
          * If the DACs are ok we don't need any capability check.
          */
-       if ((mask & ~mode) == 0)
+       if ((mask & ~mode & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0)
                 return 0;
         return -EACCES;
  }
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c

index e913ad1..4b683cc 100644 (file)
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -297,7 +297,7 @@ int ocfs2_check_acl(struct inode *inode, int mask, unsigned int flags)
         struct posix_acl *acl;
         int ret = -EAGAIN;
  
-       if (flags & IPERM_FLAG_RCU)
+       if (mask & MAY_NOT_BLOCK)
                 return -ECHILD;
  
         osb = OCFS2_SB(inode->i_sb);
diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c

index ddc5301..6747470 100644 (file)
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -879,7 +879,7 @@ int reiserfs_check_acl(struct inode *inode, int mask, unsigned int flags)
         if (get_inode_sd_version(inode) == STAT_DATA_V1)
                 return -EAGAIN;
  
-       if (flags & IPERM_FLAG_RCU)
+       if (mask & MAY_NOT_BLOCK)
                 return -ECHILD;
  
         acl = reiserfs_get_acl(inode, ACL_TYPE_ACCESS);
diff --git a/fs/xfs/linux-2.6/xfs_acl.c b/fs/xfs/linux-2.6/xfs_acl.c

index 39f4f80..278e673 100644 (file)
--- a/fs/xfs/linux-2.6/xfs_acl.c
+++ b/fs/xfs/linux-2.6/xfs_acl.c
@@ -235,7 +235,7 @@ xfs_check_acl(struct inode *inode, int mask, unsigned int flags)
         if (!XFS_IFORK_Q(ip))
                 return -EAGAIN;
  
-       if (flags & IPERM_FLAG_RCU) {
+       if (mask & MAY_NOT_BLOCK) {
                 if (!negative_cached_acl(inode, ACL_TYPE_ACCESS))
                         return -ECHILD;
                 return -EAGAIN;
author	Al Viro <viro@zeniv.linux.org.uk>
	Mon, 20 Jun 2011 23:06:22 +0000 (19:06 -0400)
committer	Al Viro <viro@zeniv.linux.org.uk>
	Wed, 20 Jul 2011 05:43:19 +0000 (01:43 -0400)
fs/9p/acl.c		patch \| blob \| history
fs/btrfs/acl.c		patch \| blob \| history
fs/ext2/acl.c		patch \| blob \| history
fs/ext3/acl.c		patch \| blob \| history
fs/ext4/acl.c		patch \| blob \| history
fs/generic_acl.c		patch \| blob \| history
fs/gfs2/acl.c		patch \| blob \| history
fs/jffs2/acl.c		patch \| blob \| history
fs/jfs/acl.c		patch \| blob \| history
fs/namei.c		patch \| blob \| history
fs/ocfs2/acl.c		patch \| blob \| history
fs/reiserfs/xattr.c		patch \| blob \| history
fs/xfs/linux-2.6/xfs_acl.c		patch \| blob \| history