make exec_permission(dir) really equivalent to inode_permission(dir, MAY_EXEC)
capability overrides apply only to the default case; if fs has ->permission() that does _not_ call generic_permission(), we have no business doing them. Moreover, if it has ->permission() that does call generic_permission(), we have no need to recheck capabilities. Besides, the capability overrides should apply only if we got EACCES from acl_permission_check(); any other value (-EIO, etc.) should be returned to caller, capabilities or not capabilities. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
43e15cdbef
commit
4cf27141cb
1 changed files with 9 additions and 9 deletions
|
@ -584,19 +584,19 @@ static inline int exec_permission(struct inode *inode, unsigned int flags)
|
|||
|
||||
if (inode->i_op->permission) {
|
||||
ret = inode->i_op->permission(inode, MAY_EXEC, flags);
|
||||
if (likely(!ret))
|
||||
goto ok;
|
||||
} else {
|
||||
ret = acl_permission_check(inode, MAY_EXEC, flags,
|
||||
inode->i_op->check_acl);
|
||||
}
|
||||
if (likely(!ret))
|
||||
goto ok;
|
||||
if (ret == -ECHILD)
|
||||
if (ret != -EACCES)
|
||||
return ret;
|
||||
|
||||
if (ns_capable(ns, CAP_DAC_OVERRIDE) ||
|
||||
ns_capable(ns, CAP_DAC_READ_SEARCH))
|
||||
goto ok;
|
||||
|
||||
}
|
||||
return ret;
|
||||
ok:
|
||||
return security_inode_exec_permission(inode, flags);
|
||||
|
|
Loading…
Reference in a new issue