diff options
| author | Jan Kara <jack@suse.cz> | 2016-12-14 13:24:45 +0100 |
|---|---|---|
| committer | Sasha Levin <alexander.levin@verizon.com> | 2016-12-23 08:56:34 -0500 |
| commit | 89bc54c5402751feb71957101670a4da191f9210 (patch) | |
| tree | b9942cc801fa5694e08021863e9db7373fef0ada /security/tomoyo/common.h | |
| parent | 1b364dc9edba5ad079a43853fd319a3a255f5b29 (diff) | |
xfs: Propagate dentry down to inode_change_ok()
[ upstream commit 69bca80744eef58fa155e8042996b968fec17b26 ]
To avoid clearing of capabilities or security related extended
attributes too early, inode_change_ok() will need to take dentry instead
of inode. Propagate dentry down to functions calling inode_change_ok().
This is rather straightforward except for xfs_set_mode() function which
does not have dentry easily available. Luckily that function does not
call inode_change_ok() anyway so we just have to do a little dance with
function prototypes.
References: CVE-2015-1350
Acked-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jan Kara <jack@suse.cz>
Conflicts: Missing file_dentry() from d101a125954eae1d397adda94ca6319485a50493
Signed-off-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Diffstat (limited to 'security/tomoyo/common.h')
0 files changed, 0 insertions, 0 deletions