diff options
| author | Steven Whitehouse <swhiteho@redhat.com> | 2010-05-24 14:36:48 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-07-05 11:11:14 -0700 |
| commit | 644e1e4321b95542b5f16e65ff30976c2f634512 (patch) | |
| tree | a4dd0e02bbf33918f681551130476e748ce60759 /fs/gfs2 | |
| parent | 6e3312e22f1cb180d7512d4717fad8145db2b436 (diff) | |
GFS2: Fix permissions checking for setflags ioctl()
commit 7df0e0397b9a18358573274db9fdab991941062f upstream.
We should be checking for the ownership of the file for which
flags are being set, rather than just for write access.
Reported-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'fs/gfs2')
| -rw-r--r-- | fs/gfs2/file.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/fs/gfs2/file.c b/fs/gfs2/file.c index a32bcd74d39b..b3fd1d886946 100644 --- a/fs/gfs2/file.c +++ b/fs/gfs2/file.c @@ -218,6 +218,11 @@ static int do_gfs2_set_flags(struct file *filp, u32 reqflags, u32 mask) if (error) goto out_drop_write; + error = -EACCES; + if (!is_owner_or_cap(inode)) + goto out; + + error = 0; flags = ip->i_diskflags; new_flags = (flags & ~mask) | (reqflags & mask); if ((new_flags ^ flags) == 0) @@ -275,8 +280,10 @@ static int gfs2_set_flags(struct file *filp, u32 __user *ptr) { struct inode *inode = filp->f_path.dentry->d_inode; u32 fsflags, gfsflags; + if (get_user(fsflags, ptr)) return -EFAULT; + gfsflags = fsflags_cvt(fsflags_to_gfs2, fsflags); if (!S_ISDIR(inode->i_mode)) { if (gfsflags & GFS2_DIF_INHERIT_JDATA) |