Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
30524472
Commit
30524472
authored
Jul 22, 2008
by
Al Viro
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[PATCH] take noexec checks to very few callers that care
Signed-off-by:
Al Viro
<
viro@zeniv.linux.org.uk
>
parent
e56b6a5d
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
17 additions
and
9 deletions
+17
-9
fs/exec.c
fs/exec.c
+7
-0
fs/namei.c
fs/namei.c
+0
-9
fs/open.c
fs/open.c
+10
-0
No files found.
fs/exec.c
View file @
30524472
...
...
@@ -118,6 +118,10 @@ asmlinkage long sys_uselib(const char __user * library)
if
(
!
S_ISREG
(
nd
.
path
.
dentry
->
d_inode
->
i_mode
))
goto
exit
;
error
=
-
EACCES
;
if
(
nd
.
path
.
mnt
->
mnt_flags
&
MNT_NOEXEC
)
goto
exit
;
error
=
vfs_permission
(
&
nd
,
MAY_READ
|
MAY_EXEC
|
MAY_OPEN
);
if
(
error
)
goto
exit
;
...
...
@@ -668,6 +672,9 @@ struct file *open_exec(const char *name)
if
(
!
S_ISREG
(
nd
.
path
.
dentry
->
d_inode
->
i_mode
))
goto
out_path_put
;
if
(
nd
.
path
.
mnt
->
mnt_flags
&
MNT_NOEXEC
)
goto
out_path_put
;
err
=
vfs_permission
(
&
nd
,
MAY_EXEC
|
MAY_OPEN
);
if
(
err
)
goto
out_path_put
;
...
...
fs/namei.c
View file @
30524472
...
...
@@ -252,15 +252,6 @@ int permission(struct inode *inode, int mask, struct nameidata *nd)
return
-
EACCES
;
}
if
((
mask
&
MAY_EXEC
)
&&
S_ISREG
(
inode
->
i_mode
))
{
/*
* MAY_EXEC on regular files is denied if the fs is mounted
* with the "noexec" flag.
*/
if
(
mnt
&&
(
mnt
->
mnt_flags
&
MNT_NOEXEC
))
return
-
EACCES
;
}
/* Ordinary permission routines do not understand MAY_APPEND. */
if
(
inode
->
i_op
&&
inode
->
i_op
->
permission
)
{
retval
=
inode
->
i_op
->
permission
(
inode
,
mask
);
...
...
fs/open.c
View file @
30524472
...
...
@@ -461,6 +461,16 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
if
(
res
)
goto
out
;
if
((
mode
&
MAY_EXEC
)
&&
S_ISREG
(
nd
.
path
.
dentry
->
d_inode
->
i_mode
))
{
/*
* MAY_EXEC on regular files is denied if the fs is mounted
* with the "noexec" flag.
*/
res
=
-
EACCES
;
if
(
nd
.
path
.
mnt
->
mnt_flags
&
MNT_NOEXEC
)
goto
out_path_release
;
}
res
=
vfs_permission
(
&
nd
,
mode
|
MAY_ACCESS
);
/* SuS v2 requires we report a read only fs too */
if
(
res
||
!
(
mode
&
S_IWOTH
)
||
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment