Commit 4cf27141 authored by Al Viro's avatar Al Viro
Browse files

make exec_permission(dir) really equivalent to inode_permission(dir, MAY_EXEC) 



capability overrides apply only to the default case; if fs has ->permission()
that does _not_ call generic_permission(), we have no business doing them.
Moreover, if it has ->permission() that does call generic_permission(), we
have no need to recheck capabilities.

Besides, the capability overrides should apply only if we got EACCES from
acl_permission_check(); any other value (-EIO, etc.) should be returned
to caller, capabilities or not capabilities.

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 43e15cdb

fs/namei.c

+9 −9
Original line number Diff line number Diff line
@@ -584,19 +584,19 @@ static inline int exec_permission(struct inode *inode, unsigned int flags) 


	if (inode->i_op->permission) {

		ret = inode->i_op->permission(inode, MAY_EXEC, flags);

		if (likely(!ret))

			goto ok;

	} else {

		ret = acl_permission_check(inode, MAY_EXEC, flags,

				inode->i_op->check_acl);

	}

		if (likely(!ret))

			goto ok;

	if (ret == -ECHILD)

		if (ret != -EACCES)

			return ret;



		if (ns_capable(ns, CAP_DAC_OVERRIDE) ||

				ns_capable(ns, CAP_DAC_READ_SEARCH))

			goto ok;



	}

	return ret;

ok:

	return security_inode_exec_permission(inode, flags);

CRA Git | Maintained and supported by SUSTech CRA and CCSE