From e74f71eb78a4a8b9eaf1bc65f20f761648e85f76 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 20 Jun 2011 19:38:15 -0400 Subject: ->permission() sanitizing: don't pass flags to ->inode_permission() pass that via mask instead. Signed-off-by: Al Viro --- security/security.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'security/security.c') diff --git a/security/security.c b/security/security.c index 4ba6d4cc061f..db3b750da353 100644 --- a/security/security.c +++ b/security/security.c @@ -518,14 +518,17 @@ int security_inode_permission(struct inode *inode, int mask) { if (unlikely(IS_PRIVATE(inode))) return 0; - return security_ops->inode_permission(inode, mask, 0); + return security_ops->inode_permission(inode, mask); } int security_inode_exec_permission(struct inode *inode, unsigned int flags) { + int mask = MAY_EXEC; if (unlikely(IS_PRIVATE(inode))) return 0; - return security_ops->inode_permission(inode, MAY_EXEC, flags); + if (flags) + mask |= MAY_NOT_BLOCK; + return security_ops->inode_permission(inode, mask); } int security_inode_setattr(struct dentry *dentry, struct iattr *attr) -- cgit v1.2.3