diff options
author | Andy Whitcroft <apw@canonical.com> | 2012-05-01 16:17:51 +0100 |
---|---|---|
committer | John Rigby <john.rigby@linaro.org> | 2012-06-25 15:02:27 -0600 |
commit | 0dbf68a3e2f87216e834403eb4ac61d455bf7c50 (patch) | |
tree | 9c485598f991a0a9fbcb57e99a4d7631382621a2 /include/linux/fs.h | |
parent | dd6f02b65ad382045f6c57e482fef3f57222f098 (diff) |
UBUNTU: ubuntu: overlayfs -- inode_only_permission: export inode level permissions checks
We need to be able to check inode permissions (but not filesystem implied
permissions) for stackable filesystems. Now that permissions involve
checking with the security LSM, cgroups and basic inode permissions it is
easy to miss a key permission check and introduce a security vunerability.
Expose a new interface for these checks.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Diffstat (limited to 'include/linux/fs.h')
-rw-r--r-- | include/linux/fs.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index 49b86cf0564..e99bb48293d 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2263,6 +2263,7 @@ extern sector_t bmap(struct inode *, sector_t); #endif extern int notify_change(struct dentry *, struct iattr *); extern int inode_permission(struct inode *, int); +extern int inode_only_permission(struct inode *, int); extern int generic_permission(struct inode *, int); static inline bool execute_ok(struct inode *inode) |