UBUNTU: ubuntu: overlayfs -- inode_only_permission: export inode level permissions checks

We need to be able to check inode permissions (but not filesystem implied permissions) for stackable filesystems. Now that permissions involve checking with the security LSM, cgroups and basic inode permissions it is easy to miss a key permission check and introduce a security vunerability. Expose a new interface for these checks. Signed-off-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
author: Andy Whitcroft <apw@canonical.com> 2012-05-01 16:17:51 +0100
committer: John Rigby <john.rigby@linaro.org> 2012-06-25 15:02:27 -0600
commit: 0dbf68a3e2f87216e834403eb4ac61d455bf7c50 (patch)
tree: 9c485598f991a0a9fbcb57e99a4d7631382621a2 /include/linux/fs.h
parent: dd6f02b65ad382045f6c57e482fef3f57222f098 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 49b86cf0564..e99bb48293d 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2263,6 +2263,7 @@ extern sector_t bmap(struct inode *, sector_t);
 #endif
 extern int notify_change(struct dentry *, struct iattr *);
 extern int inode_permission(struct inode *, int);
+extern int inode_only_permission(struct inode *, int);
 extern int generic_permission(struct inode *, int);
 
 static inline bool execute_ok(struct inode *inode)
author	Andy Whitcroft <apw@canonical.com>	2012-05-01 16:17:51 +0100
committer	John Rigby <john.rigby@linaro.org>	2012-06-25 15:02:27 -0600
commit	0dbf68a3e2f87216e834403eb4ac61d455bf7c50 (patch)
tree	9c485598f991a0a9fbcb57e99a4d7631382621a2 /include/linux/fs.h
parent	dd6f02b65ad382045f6c57e482fef3f57222f098 (diff)