Commit e74f71eb authored by Al Viro's avatar Al Viro
Browse files

->permission() sanitizing: don't pass flags to ->inode_permission()



pass that via mask instead.
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 10556cb2
...@@ -1456,7 +1456,7 @@ struct security_operations { ...@@ -1456,7 +1456,7 @@ struct security_operations {
struct inode *new_dir, struct dentry *new_dentry); struct inode *new_dir, struct dentry *new_dentry);
int (*inode_readlink) (struct dentry *dentry); int (*inode_readlink) (struct dentry *dentry);
int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
int (*inode_permission) (struct inode *inode, int mask, unsigned flags); int (*inode_permission) (struct inode *inode, int mask);
int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); int (*inode_setattr) (struct dentry *dentry, struct iattr *attr);
int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
int (*inode_setxattr) (struct dentry *dentry, const char *name, int (*inode_setxattr) (struct dentry *dentry, const char *name,
......
...@@ -181,7 +181,7 @@ static int cap_inode_follow_link(struct dentry *dentry, ...@@ -181,7 +181,7 @@ static int cap_inode_follow_link(struct dentry *dentry,
return 0; return 0;
} }
static int cap_inode_permission(struct inode *inode, int mask, unsigned flags) static int cap_inode_permission(struct inode *inode, int mask)
{ {
return 0; return 0;
} }
......
...@@ -518,14 +518,17 @@ int security_inode_permission(struct inode *inode, int mask) ...@@ -518,14 +518,17 @@ int security_inode_permission(struct inode *inode, int mask)
{ {
if (unlikely(IS_PRIVATE(inode))) if (unlikely(IS_PRIVATE(inode)))
return 0; return 0;
return security_ops->inode_permission(inode, mask, 0); return security_ops->inode_permission(inode, mask);
} }
int security_inode_exec_permission(struct inode *inode, unsigned int flags) int security_inode_exec_permission(struct inode *inode, unsigned int flags)
{ {
int mask = MAY_EXEC;
if (unlikely(IS_PRIVATE(inode))) if (unlikely(IS_PRIVATE(inode)))
return 0; return 0;
return security_ops->inode_permission(inode, MAY_EXEC, flags); if (flags)
mask |= MAY_NOT_BLOCK;
return security_ops->inode_permission(inode, mask);
} }
int security_inode_setattr(struct dentry *dentry, struct iattr *attr) int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
......
...@@ -2659,12 +2659,13 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na ...@@ -2659,12 +2659,13 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na
return dentry_has_perm(cred, dentry, FILE__READ); return dentry_has_perm(cred, dentry, FILE__READ);
} }
static int selinux_inode_permission(struct inode *inode, int mask, unsigned flags) static int selinux_inode_permission(struct inode *inode, int mask)
{ {
const struct cred *cred = current_cred(); const struct cred *cred = current_cred();
struct common_audit_data ad; struct common_audit_data ad;
u32 perms; u32 perms;
bool from_access; bool from_access;
unsigned __flags = mask & MAY_NOT_BLOCK ? IPERM_FLAG_RCU : 0;
from_access = mask & MAY_ACCESS; from_access = mask & MAY_ACCESS;
mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
...@@ -2681,7 +2682,7 @@ static int selinux_inode_permission(struct inode *inode, int mask, unsigned flag ...@@ -2681,7 +2682,7 @@ static int selinux_inode_permission(struct inode *inode, int mask, unsigned flag
perms = file_mask_to_av(inode->i_mode, mask); perms = file_mask_to_av(inode->i_mode, mask);
return inode_has_perm(cred, inode, perms, &ad, flags); return inode_has_perm(cred, inode, perms, &ad, __flags);
} }
static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
......
...@@ -689,9 +689,10 @@ static int smack_inode_rename(struct inode *old_inode, ...@@ -689,9 +689,10 @@ static int smack_inode_rename(struct inode *old_inode,
* *
* Returns 0 if access is permitted, -EACCES otherwise * Returns 0 if access is permitted, -EACCES otherwise
*/ */
static int smack_inode_permission(struct inode *inode, int mask, unsigned flags) static int smack_inode_permission(struct inode *inode, int mask)
{ {
struct smk_audit_info ad; struct smk_audit_info ad;
int no_block = mask & MAY_NOT_BLOCK;
mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
/* /*
...@@ -701,7 +702,7 @@ static int smack_inode_permission(struct inode *inode, int mask, unsigned flags) ...@@ -701,7 +702,7 @@ static int smack_inode_permission(struct inode *inode, int mask, unsigned flags)
return 0; return 0;
/* May be droppable after audit */ /* May be droppable after audit */
if (flags & IPERM_FLAG_RCU) if (no_block)
return -ECHILD; return -ECHILD;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE); smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
smk_ad_setfield_u_fs_inode(&ad, inode); smk_ad_setfield_u_fs_inode(&ad, inode);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment