GFS2: Fix permissions checking for setflags ioctl()

commit 7df0e0397b9a18358573274db9fdab991941062f upstream. We should be checking for the ownership of the file for which flags are being set, rather than just for write access. Reported-by: Dan Rosenberg <dan.j.rosenberg@gmail.com> Signed-off-by: Steven Whitehouse <swhiteho@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
author: Steven Whitehouse <swhiteho@redhat.com> 2010-05-24 14:36:48 +0100
committer: Greg Kroah-Hartman <gregkh@suse.de> 2010-07-05 11:22:55 -0700
commit: 55442a2a4c899ee1201e2dca8f8c7a0dc4e59037 (patch)
tree: b1d255dba9a17d4be451e4bb8f46633452d7ab0d
parent: 94f98453eab3c95eaa40132b2e78cc4edc1bf48f (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/fs/gfs2/file.c b/fs/gfs2/file.c
index e6dd2aec6f82..b20bfcc9fa2d 100644
--- a/fs/gfs2/file.c
+++ b/fs/gfs2/file.c
@@ -218,6 +218,11 @@ static int do_gfs2_set_flags(struct file *filp, u32 reqflags, u32 mask)
 	if (error)
 		goto out_drop_write;
 
+	error = -EACCES;
+	if (!is_owner_or_cap(inode))
+		goto out;
+
+	error = 0;
 	flags = ip->i_diskflags;
 	new_flags = (flags & ~mask) | (reqflags & mask);
 	if ((new_flags ^ flags) == 0)
@@ -275,8 +280,10 @@ static int gfs2_set_flags(struct file *filp, u32 __user *ptr)
 {
 	struct inode *inode = filp->f_path.dentry->d_inode;
 	u32 fsflags, gfsflags;
+
 	if (get_user(fsflags, ptr))
 		return -EFAULT;
+
 	gfsflags = fsflags_cvt(fsflags_to_gfs2, fsflags);
 	if (!S_ISDIR(inode->i_mode)) {
 		if (gfsflags & GFS2_DIF_INHERIT_JDATA)
author	Steven Whitehouse <swhiteho@redhat.com>	2010-05-24 14:36:48 +0100
committer	Greg Kroah-Hartman <gregkh@suse.de>	2010-07-05 11:22:55 -0700
commit	55442a2a4c899ee1201e2dca8f8c7a0dc4e59037 (patch)
tree	b1d255dba9a17d4be451e4bb8f46633452d7ab0d
parent	94f98453eab3c95eaa40132b2e78cc4edc1bf48f (diff)