From patchwork Sun Oct 4 17:18:50 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Gruenbacher X-Patchwork-Id: 7323911 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id B59D19F1B9 for ; Sun, 4 Oct 2015 17:21:50 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id F411D20855 for ; Sun, 4 Oct 2015 17:21:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 5DB8820866 for ; Sun, 4 Oct 2015 17:21:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751935AbbJDRT6 (ORCPT ); Sun, 4 Oct 2015 13:19:58 -0400 Received: from mx1.redhat.com ([209.132.183.28]:32936 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751774AbbJDRTO (ORCPT ); Sun, 4 Oct 2015 13:19:14 -0400 Received: from int-mx14.intmail.prod.int.phx2.redhat.com (int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27]) by mx1.redhat.com (Postfix) with ESMTPS id 2D16EAED4C; Sun, 4 Oct 2015 17:19:14 +0000 (UTC) Received: from nux.home.com (vpn1-6-30.ams2.redhat.com [10.36.6.30]) by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t94HIveE007710; Sun, 4 Oct 2015 13:19:11 -0400 From: Andreas Gruenbacher To: Alexander Viro , Christoph Hellwig , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Cc: David Woodhouse , linux-mtd@lists.infradead.org Subject: [PATCH v3 3/7] jffs2: Add missing capability check for listing trusted xattrs Date: Sun, 4 Oct 2015 19:18:50 +0200 Message-Id: <1443979134-7279-4-git-send-email-agruenba@redhat.com> In-Reply-To: <1443979134-7279-1-git-send-email-agruenba@redhat.com> References: <1443979134-7279-1-git-send-email-agruenba@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The vfs checks if a task has the appropriate access for get and set operations, but it cannot do that for the list operation; the file system must check for that itself. Signed-off-by: Andreas Gruenbacher Reviewed-by: Christoph Hellwig Cc: David Woodhouse Cc: linux-mtd@lists.infradead.org --- fs/jffs2/xattr_trusted.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/jffs2/xattr_trusted.c b/fs/jffs2/xattr_trusted.c index ceaf9c6..bbd20c1 100644 --- a/fs/jffs2/xattr_trusted.c +++ b/fs/jffs2/xattr_trusted.c @@ -39,6 +39,9 @@ static size_t jffs2_trusted_listxattr(struct dentry *dentry, char *list, { size_t retlen = XATTR_TRUSTED_PREFIX_LEN + name_len + 1; + if (!capable(CAP_SYS_ADMIN)) + return 0; + if (list && retlen<=list_size) { strcpy(list, XATTR_TRUSTED_PREFIX); strcpy(list + XATTR_TRUSTED_PREFIX_LEN, name);