evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/gfs2
History
Jan Kara 49b60d4aa9 BACKPORT: posix_acl: Clear SGID bit when setting file permissions 
(cherry pick from commit 073931017b49d9458aa351605b43a7e34598caef)

When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

NB: We did not resolve the ACL leak in this CL, require additional
    upstream fix.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Bug: 32458736
Change-Id: I19591ad452cc825ac282b3cfd2daaa72aa9a1ac1
2017-02-07 15:21:07 +00:00
..
acl.c BACKPORT: posix_acl: Clear SGID bit when setting file permissions 2017-02-07 15:21:07 +00:00
acl.h GFS2: Increase the max number of ACLs 2014-03-19 15:16:24 +00:00
aops.c GFS2: merge window 2015-06-27 09:47:46 -07:00
bmap.c gfs2: perform quota checks against allocation parameters 2015-03-18 12:46:54 -05:00
bmap.h GFS2: Clean up journal extent mapping 2014-03-03 13:50:12 +00:00
dentry.c VFS: normal filesystems (and lustre): d_inode() annotations 2015-04-15 15:06:57 -04:00
dir.c GFS2: Protect freeing directory hash table with i_lock spin_lock 2015-11-04 12:05:42 -06:00
dir.h GFS2: Make rename not save dirent location 2014-10-01 14:06:15 +01:00
export.c VFS: normal filesystems (and lustre): d_inode() annotations 2015-04-15 15:06:57 -04:00
file.c GFS2: merge window 2015-11-09 18:01:23 -08:00
gfs2.h
glock.c gfs2: Remove gl_spin define 2015-10-29 12:57:48 -05:00
glock.h gfs2: Remove gl_spin define 2015-10-29 12:57:48 -05:00
glops.c gfs2: Remove gl_spin define 2015-10-29 12:57:48 -05:00
glops.h GFS2: update freeze code to use freeze/thaw_super on all nodes 2014-11-17 10:36:39 +00:00
incore.h gfs2: Remove gl_spin define 2015-10-29 12:57:48 -05:00
inode.c GFS2: merge window 2015-06-27 09:47:46 -07:00
inode.h GFS2: Add atomic_open support 2013-06-14 11:17:15 +01:00
Kconfig Finally eradicate CONFIG_HOTPLUG 2013-06-03 14:20:18 -07:00
lock_dlm.c remove abs64() 2015-11-09 15:11:24 -08:00
log.c GFS2: update freeze code to use freeze/thaw_super on all nodes 2014-11-17 10:36:39 +00:00
log.h GFS2: remove transaction glock 2014-05-14 10:04:34 +01:00
lops.c GFS2: merge window 2015-09-11 12:23:51 -07:00
lops.h GFS2: Move log buffer lists into transaction 2014-02-24 16:54:54 +00:00
main.c gfs2: Remove gl_spin define 2015-10-29 12:57:48 -05:00
Makefile GFS2: Rename ops_inode.c to inode.c 2011-05-10 13:12:49 +01:00
meta_io.c GFS2: Move glock superblock pointer to field gl_name 2015-09-03 13:33:09 -05:00
meta_io.h GFS2: Move glock superblock pointer to field gl_name 2015-09-03 13:33:09 -05:00
ops_fstype.c GFS2: Set s_mode before parsing mount options 2015-09-23 08:45:43 -05:00
quota.c GFS2: Move glock superblock pointer to field gl_name 2015-09-03 13:33:09 -05:00
quota.h gfs2: perform quota checks against allocation parameters 2015-03-18 12:46:54 -05:00
recovery.c GFS2: fix sprintf format specifier 2015-01-13 10:48:57 +00:00
recovery.h GFS2: Move recovery variables to journal structure in memory 2014-03-07 09:14:48 +00:00
rgrp.c GFS2: Fix rgrp end rounding problem for bsize < page size 2015-11-09 09:38:02 -06:00
rgrp.h GFS2: Don't brelse rgrp buffer_heads every allocation 2015-06-19 07:40:22 -05:00
super.c fs: create and use seq_show_option for escaping 2015-09-04 16:54:41 -07:00
super.h GFS2: update freeze code to use freeze/thaw_super on all nodes 2014-11-17 10:36:39 +00:00
sys.c gfs2: convert simple_str to kstr 2015-05-05 13:23:22 -05:00
sys.h GFS2: dlm based recovery coordination 2012-01-11 09:23:05 +00:00
trace_gfs2.h gfs2: Make statistics unsigned, suitable for use with do_div() 2015-09-03 13:33:32 -05:00
trans.c gfs2: Add missing else in trans_add_meta/data 2015-10-01 12:00:59 -05:00
trans.h GFS2: Split gfs2_trans_add_bh() into two 2013-01-29 10:28:04 +00:00
util.c GFS2: Convert gfs2_lm_withdraw to use fs_err 2014-03-07 09:39:18 +00:00
util.h GFS2: Convert gfs2_lm_withdraw to use fs_err 2014-03-07 09:39:18 +00:00
xattr.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr.h sanitize xattr handler prototypes 2009-12-16 12:16:49 -05:00