diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-20 19:38:15 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 01:43:26 -0400 |
commit | e74f71eb78a4a8b9eaf1bc65f20f761648e85f76 (patch) | |
tree | 7bc7fc1344f5ed6e3ce8132b36125ef5cec6407c /security/security.c | |
parent | 10556cb21a0d0b24d95f00ea6df16f599a3345b2 (diff) | |
download | lwn-e74f71eb78a4a8b9eaf1bc65f20f761648e85f76.tar.gz lwn-e74f71eb78a4a8b9eaf1bc65f20f761648e85f76.zip |
->permission() sanitizing: don't pass flags to ->inode_permission()
pass that via mask instead.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/security.c')
-rw-r--r-- | security/security.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/security/security.c b/security/security.c index 4ba6d4cc061f..db3b750da353 100644 --- a/security/security.c +++ b/security/security.c @@ -518,14 +518,17 @@ int security_inode_permission(struct inode *inode, int mask) { if (unlikely(IS_PRIVATE(inode))) return 0; - return security_ops->inode_permission(inode, mask, 0); + return security_ops->inode_permission(inode, mask); } int security_inode_exec_permission(struct inode *inode, unsigned int flags) { + int mask = MAY_EXEC; if (unlikely(IS_PRIVATE(inode))) return 0; - return security_ops->inode_permission(inode, MAY_EXEC, flags); + if (flags) + mask |= MAY_NOT_BLOCK; + return security_ops->inode_permission(inode, mask); } int security_inode_setattr(struct dentry *dentry, struct iattr *attr) |