Revision 999653786df6954a31044528ac3f7a5dadca08f4 authored by Ben Hutchings on 22 June 2016, 18:43:35 UTC, committed by J. Bruce Fields on 24 June 2016, 16:11:52 UTC
Use set_posix_acl, which includes proper permission checks, instead of calling ->set_acl directly. Without this anyone may be able to grant themselves permissions to a file by setting the ACL. Lock the inode to make the new checks atomic with respect to set_acl. (Also, nfsd was the only caller of set_acl not locking the inode, so I suspect this may fix other races.) This also simplifies the code, and ensures our ACLs are checked by posix_acl_valid. The permission checks and the inode locking were lost with commit 4ac7249e, which changed nfsd to use the set_acl inode operation directly instead of going through xattr handlers. Reported-by: David Sinquin <david@sinquin.eu> [agreunba@redhat.com: use set_posix_acl] Fixes: 4ac7249e Cc: Christoph Hellwig <hch@infradead.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
1 parent 485e71e
| File | Mode | Size |
|---|---|---|
| aoa | ||
| arm | ||
| atmel | ||
| core | ||
| drivers | ||
| firewire | ||
| hda | ||
| i2c | ||
| isa | ||
| mips | ||
| oss | ||
| parisc | ||
| pci | ||
| pcmcia | ||
| ppc | ||
| sh | ||
| soc | ||
| sparc | ||
| spi | ||
| synth | ||
| usb | ||
| Kconfig | -rw-r--r-- | 3.8 KB |
| Makefile | -rw-r--r-- | 544 bytes |
| ac97_bus.c | -rw-r--r-- | 3.1 KB |
| last.c | -rw-r--r-- | 1.2 KB |
| sound_core.c | -rw-r--r-- | 15.6 KB |
| sound_firmware.c | -rw-r--r-- | 1.6 KB |
Computing file changes ...
