From patchwork Tue Sep 22 12:26:48 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Gruenbacher X-Patchwork-Id: 7238301 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 9E594BEEC1 for ; Tue, 22 Sep 2015 12:28:46 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id D6076207E8 for ; Tue, 22 Sep 2015 12:28:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id E671A207DF for ; Tue, 22 Sep 2015 12:28:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933209AbbIVM1S (ORCPT ); Tue, 22 Sep 2015 08:27:18 -0400 Received: from mx1.redhat.com ([209.132.183.28]:57243 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933184AbbIVM1N (ORCPT ); Tue, 22 Sep 2015 08:27:13 -0400 Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by mx1.redhat.com (Postfix) with ESMTPS id 6303B157743; Tue, 22 Sep 2015 12:27:13 +0000 (UTC) Received: from nuc.home.com (vpn1-4-53.ams2.redhat.com [10.36.4.53]) by int-mx13.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t8MCQwtn001846; Tue, 22 Sep 2015 08:27:10 -0400 From: Andreas Gruenbacher To: Alexander Viro , Christoph Hellwig , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, David Woodhouse , linux-mtd@lists.infradead.org Subject: [PATCH v2 3/7] jffs2: Add missing capability check for listing trusted xattrs Date: Tue, 22 Sep 2015 14:26:48 +0200 Message-Id: <1442924812-9384-4-git-send-email-agruenba@redhat.com> In-Reply-To: <1442924812-9384-1-git-send-email-agruenba@redhat.com> References: <1442924812-9384-1-git-send-email-agruenba@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.26 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The vfs checks if a task has the appropriate access for get and set operations, but it cannot do that for the list operation; the file system must check for that itself. Signed-off-by: Andreas Gruenbacher Reviewed-by: Christoph Hellwig --- fs/jffs2/xattr_trusted.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/jffs2/xattr_trusted.c b/fs/jffs2/xattr_trusted.c index ceaf9c6..bbd20c1 100644 --- a/fs/jffs2/xattr_trusted.c +++ b/fs/jffs2/xattr_trusted.c @@ -39,6 +39,9 @@ static size_t jffs2_trusted_listxattr(struct dentry *dentry, char *list, { size_t retlen = XATTR_TRUSTED_PREFIX_LEN + name_len + 1; + if (!capable(CAP_SYS_ADMIN)) + return 0; + if (list && retlen<=list_size) { strcpy(list, XATTR_TRUSTED_PREFIX); strcpy(list + XATTR_TRUSTED_PREFIX_LEN, name);