evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/hfsplus
History
Jan Kara 49b60d4aa9 BACKPORT: posix_acl: Clear SGID bit when setting file permissions 
(cherry pick from commit 073931017b49d9458aa351605b43a7e34598caef)

When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

NB: We did not resolve the ACL leak in this CL, require additional
    upstream fix.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Bug: 32458736
Change-Id: I19591ad452cc825ac282b3cfd2daaa72aa9a1ac1
2017-02-07 15:21:07 +00:00
..
acl.h hfsplus: use generic posix ACL infrastructure 2014-01-25 23:58:20 -05:00
attributes.c hfsplus: remove unused routine hfsplus_attr_build_key_uni 2014-06-06 16:08:09 -07:00
bfind.c fs/hfsplus: replace if/BUG by BUG_ON 2015-04-17 09:04:05 -04:00
bitmap.c hfsplus: remove duplicated message prefix in hfsplus_block_free() 2013-04-30 17:04:05 -07:00
bnode.c hfs,hfsplus: cache pages correctly between bnode_create and bnode_free 2015-09-10 13:29:01 -07:00
brec.c hfsplus: fix B-tree corruption after insertion at position 0 2015-03-25 16:20:31 -07:00
btree.c hfsplus: fix "unused node is not erased" error 2014-06-06 16:08:10 -07:00
catalog.c hfsplus: add missing curly braces in hfsplus_delete_cat() 2015-04-17 09:04:04 -04:00
dir.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
extents.c fs/hfsplus: fix pr_foo() and hfs_dbg formats 2014-06-06 16:08:10 -07:00
hfsplus_fs.h fs: cleanup slight list_entry abuse 2015-06-23 18:01:59 -04:00
hfsplus_raw.h hfsplus: fix "unused node is not erased" error 2014-06-06 16:08:10 -07:00
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
ioctl.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
Kconfig hfsplus: add necessary declarations for POSIX ACLs support 2013-09-11 15:59:00 -07:00
Makefile hfsplus: integrate POSIX ACLs support into driver 2013-09-11 15:59:01 -07:00
options.c fs: create and use seq_show_option for escaping 2015-09-04 16:54:41 -07:00
part_tbl.c hfsplus: ensure bio requests are not smaller than the hardware sectors 2011-07-22 16:37:44 +02:00
posix_acl.c BACKPORT: posix_acl: Clear SGID bit when setting file permissions 2017-02-07 15:21:07 +00:00
super.c writeback: separate out include/linux/backing-dev-defs.h 2015-06-02 08:33:34 -06:00
tables.c
unicode.c Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
wrapper.c fs/hfsplus/wrapper.c: replace shift loop by ilog2 2014-06-06 16:08:10 -07:00
xattr.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr.h fs/hfsplus: move xattr_name allocation in hfsplus_setxattr() 2015-04-17 09:04:05 -04:00
xattr_security.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_trusted.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_user.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00