evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/jfs
History
Jan Kara 49b60d4aa9 BACKPORT: posix_acl: Clear SGID bit when setting file permissions 
(cherry pick from commit 073931017b49d9458aa351605b43a7e34598caef)

When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

NB: We did not resolve the ACL leak in this CL, require additional
    upstream fix.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Bug: 32458736
Change-Id: I19591ad452cc825ac282b3cfd2daaa72aa9a1ac1
2017-02-07 15:21:07 +00:00
..
acl.c BACKPORT: posix_acl: Clear SGID bit when setting file permissions 2017-02-07 15:21:07 +00:00
file.c jfs: Handle error from dquot_initialize() 2015-07-23 20:59:39 +02:00
inode.c A couple trivial fixes and an error path fix 2015-07-16 16:28:28 -07:00
ioctl.c ioctl_compat: handle FITRIM 2015-07-09 11:42:21 -07:00
jfs_acl.h jfs: use generic posix ACL infrastructure 2014-01-25 23:58:22 -05:00
jfs_btree.h
jfs_debug.c
jfs_debug.h
jfs_dinode.h
jfs_discard.c jfs: Fix FITRIM argument handling 2012-10-17 09:18:38 -05:00
jfs_discard.h fs/jfs: TRIM support for JFS Filesystem 2012-09-17 11:58:19 -05:00
jfs_dmap.c fs/jfs/jfs_dmap.c: replace min/casting by min_t 2014-06-03 14:14:00 -05:00
jfs_dmap.h fs/jfs: TRIM support for JFS Filesystem 2012-09-17 11:58:19 -05:00
jfs_dtree.c jfs: get rid of homegrown endianness helpers 2014-12-23 17:01:24 -06:00
jfs_dtree.h [readdir] convert jfs 2013-06-29 12:56:42 +04:00
jfs_extent.c jfs: Update jfs_error 2013-06-05 14:47:19 -05:00
jfs_extent.h
jfs_filsys.h fs/jfs: TRIM support for JFS Filesystem 2012-09-17 11:58:19 -05:00
jfs_imap.c jfs: Update jfs_error 2013-06-05 14:47:19 -05:00
jfs_imap.h
jfs_incore.h fs: cleanup slight list_entry abuse 2015-06-23 18:01:59 -04:00
jfs_inode.c jfs: Handle error from dquot_initialize() 2015-07-23 20:59:39 +02:00
jfs_inode.h
jfs_lock.h
jfs_logmgr.c fs: use helper bio_add_page() instead of open coding on bi_io_vec 2015-08-13 12:32:00 -06:00
jfs_logmgr.h
jfs_metapage.c block: add a bi_error field to struct bio 2015-07-29 08:55:15 -06:00
jfs_metapage.h fs, jfs: remove slab object constructor 2015-04-15 16:35:18 -07:00
jfs_mount.c
jfs_superblock.h jfs: Update jfs_error 2013-06-05 14:47:19 -05:00
jfs_txnmgr.c sched, cleanup, treewide: Remove set_current_state(TASK_RUNNING) after schedule() 2014-09-19 12:35:17 +02:00
jfs_txnmgr.h
jfs_types.h jfs: get rid of homegrown endianness helpers 2014-12-23 17:01:24 -06:00
jfs_umount.c
jfs_unicode.c
jfs_unicode.h
jfs_uniupr.c
jfs_xattr.h jfs: use generic posix ACL infrastructure 2014-01-25 23:58:22 -05:00
jfs_xtree.c jfs: Update jfs_error 2013-06-05 14:47:19 -05:00
jfs_xtree.h jfs: get rid of homegrown endianness helpers 2014-12-23 17:01:24 -06:00
Kconfig
Makefile fs/jfs: TRIM support for JFS Filesystem 2012-09-17 11:58:19 -05:00
namei.c fs/jfs: remove unnecessary new_valid_dev() checks 2015-11-09 15:11:24 -08:00
resize.c jfs: Update jfs_error 2013-06-05 14:47:19 -05:00
super.c fs/jfs: remove unnecessary new_valid_dev() checks 2015-11-09 15:11:24 -08:00
symlink.c jfs: switch to simple_follow_link() 2015-05-10 22:18:26 -04:00
xattr.c VFS: normal filesystems (and lustre): d_inode() annotations 2015-04-15 15:06:57 -04:00