Sophie


kernel-2.6.18-238.el5.src.rpm

From: Steven Whitehouse <swhiteho@redhat.com>
Date: Mon, 24 May 2010 15:06:06 -0400
Subject: [fs] gfs2: fix permissions checking for setflags ioctl
Message-id: <1274713566.3158.98.camel@localhost.localdomain>
Patchwork-id: 25699
O-Subject: [RHEL5.6] GFS2: Fix permissions checking for setflags ioctl() (bz
	#595399)
Bugzilla: 595399
CVE: CVE-2010-1641
RH-Acked-by: Robert S Peterson <rpeterso@redhat.com>
RH-Acked-by: Eugene Teo <eugene@redhat.com>

This is the RHEL5 version of the patch. It's identical to the
upstream/RHEL6 version modulo the change in the file name.
This fixes bz #595339

Signed-off-by: Jarod Wilson <jarod@redhat.com>

diff --git a/fs/gfs2/ops_file.c b/fs/gfs2/ops_file.c
index 2e684bf..46a484f 100644
--- a/fs/gfs2/ops_file.c
+++ b/fs/gfs2/ops_file.c
@@ -272,6 +272,11 @@ static int do_gfs2_set_flags(struct file *filp, u32 reqflags, u32 mask)
 	if (error)
 		return error;
 
+	error = -EACCES;
+	if (!is_owner_or_cap(inode))
+		goto out;
+
+	error = 0;
 	flags = ip->i_diskflags;
 	new_flags = (flags & ~mask) | (reqflags & mask);
 	if ((new_flags ^ flags) == 0)
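
Review bot: The new ownership check in do_gfs2_set_flags() presets `error = -EACCES` before the test and then needs a separate `error = 0;` to undo it, which is easy to drop or reorder in a later backport. Setting the code inside the failing branch (`if (!is_owner_or_cap(inode)) { error = -EACCES; goto out; }`) would remove the need for the reset, as long as the existing paths below still see error == 0 from the earlier `if (error) return error;`. The check also runs after a step that can fail and exits through `goto out`, while the `out` label is outside this hunk, so please confirm that `out` releases whatever was taken before this point. A one-line comment stating that only the owner or a suitably privileged caller may change the flags would document why the check is here.
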
@@ -327,8 +332,10 @@ static int gfs2_set_flags(struct file *filp, u32 __user *ptr)
 {
 	struct inode *inode = filp->f_dentry->d_inode;
 	u32 fsflags, gfsflags;
+
 	if (get_user(fsflags, ptr))
 		return -EFAULT;
+
 	gfsflags = fsflags_cvt(fsflags_to_gfs2, fsflags);
 	if (!S_ISDIR(inode->i_mode)) {
 		if (gfsflags & GFS2_DIF_INHERIT_JDATA)
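
Review bot: The two added lines in gfs2_set_flags() are blank lines around `if (get_user(fsflags, ptr))` and change no behaviour, so they are unrelated to the permission fix in the first hunk. For a CVE backport it is easier to audit if cosmetic whitespace changes are left out or sent separately, unless they are kept deliberately to stay identical to the upstream version the commit message refers to.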