diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-20 19:06:22 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 01:43:19 -0400 |
commit | 9c2c703929e4c41210cfa6e3f599514421bab8dc (patch) | |
tree | 2086738f22755ad18ba18ab2ee0f2b23d651da60 /fs/namei.c | |
parent | 1fc0f78ca9f311c6277e2f1b7655bb4d43ceb311 (diff) | |
download | op-kernel-dev-9c2c703929e4c41210cfa6e3f599514421bab8dc.zip op-kernel-dev-9c2c703929e4c41210cfa6e3f599514421bab8dc.tar.gz |
->permission() sanitizing: pass MAY_NOT_BLOCK to ->check_acl()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/namei.c')
-rw-r--r-- | fs/namei.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -181,7 +181,7 @@ static int acl_permission_check(struct inode *inode, int mask, unsigned int flag int (*check_acl)(struct inode *inode, int mask, unsigned int flags); unsigned int mode = inode->i_mode; - mask &= MAY_READ | MAY_WRITE | MAY_EXEC; + mask &= MAY_READ | MAY_WRITE | MAY_EXEC | MAY_NOT_BLOCK; if (current_user_ns() != inode_userns(inode)) goto other_perms; @@ -204,7 +204,7 @@ other_perms: /* * If the DACs are ok we don't need any capability check. */ - if ((mask & ~mode) == 0) + if ((mask & ~mode & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0) return 0; return -EACCES; } |