[PATCH 1/2] posix_acl: Add set_posix_acl

Luis Henriques luis.henriques at canonical.com
Tue Jul 19 11:06:42 UTC 2016


From: Andreas Gruenbacher <agruenba at redhat.com>

Factor out part of posix_acl_xattr_set into a common function that takes
a posix_acl, which nfsd can also call.

The prototype already exists in include/linux/posix_acl.h.

Signed-off-by: Andreas Gruenbacher <agruenba at redhat.com>
Cc: stable at vger.kernel.org
Cc: Christoph Hellwig <hch at infradead.org>
Cc: Al Viro <viro at zeniv.linux.org.uk>
Signed-off-by: J. Bruce Fields <bfields at redhat.com>
(backported from commit 485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f)
[ luis: based on backport in upstream 3.14 stable ]
CVE-2016-1237
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 fs/posix_acl.c | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 0855f772cd41..96707d0121e2 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -787,38 +787,42 @@ posix_acl_xattr_get(struct dentry *dentry, const char *name,
 	return error;
 }
 
-static int
-posix_acl_xattr_set(struct dentry *dentry, const char *name,
-		const void *value, size_t size, int flags, int type)
+int
+set_posix_acl(struct inode *inode, int type, struct posix_acl *acl)
 {
-	struct inode *inode = dentry->d_inode;
-	struct posix_acl *acl = NULL;
-	int ret;
-
 	if (!IS_POSIXACL(inode))
 		return -EOPNOTSUPP;
 	if (!inode->i_op->set_acl)
 		return -EOPNOTSUPP;
 
 	if (type == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode))
-		return value ? -EACCES : 0;
+		return acl ? -EACCES : 0;
 	if (!inode_owner_or_capable(inode))
 		return -EPERM;
 
+	if (acl) {
+		int ret = posix_acl_valid(acl);
+		if (ret)
+			return ret;
+	}
+	return inode->i_op->set_acl(inode, acl, type);
+}
+EXPORT_SYMBOL(set_posix_acl);
+
+static int
+posix_acl_xattr_set(struct dentry *dentry, const char *name,
+		    const void *value, size_t size, int flags, int type)
+{
+	struct inode *inode = dentry->d_inode;
+	struct posix_acl *acl = NULL;
+	int ret;
+
 	if (value) {
 		acl = posix_acl_from_xattr(&init_user_ns, value, size);
 		if (IS_ERR(acl))
 			return PTR_ERR(acl);
-
-		if (acl) {
-			ret = posix_acl_valid(acl);
-			if (ret)
-				goto out;
-		}
 	}
-
-	ret = inode->i_op->set_acl(inode, acl, type);
-out:
+	ret = set_posix_acl(inode, type, acl);
 	posix_acl_release(acl);
 	return ret;
 }
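Review bot: set_posix_acl() becomes a non-static, exported entry point in this hunk but has no comment stating its contract, which a second caller such as nfsd has to rely on. Two things are visible here and worth writing down: the function itself performs the IS_POSIXACL, ->set_acl, inode_owner_or_capable() and posix_acl_valid() checks, and it does not consume the caller's reference to acl (posix_acl_xattr_set still calls posix_acl_release() after it returns). I would add a kernel-doc block above it along the lines of `/* Checks permission and validates @acl before calling ->set_acl; the caller keeps its reference to @acl and must release it. */`, and state any locking requirement there as well, since none can be read from this hunk. Separately, posix_acl_xattr_set now calls posix_acl_from_xattr() before any of those checks run, so a caller that would fail the ownership check with a malformed value gets the parse error instead of -EPERM, and the default-ACL test keys on `acl` rather than `value`; if that ordering is intentional, a sentence in the commit message would help backport reviewers.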



