diff options
-rw-r--r-- | security/yama/yama_lsm.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 4127150c402..23d4111d077 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -326,6 +326,18 @@ int yama_inode_follow_link(struct dentry *dentry, return rc; } +static int yama_generic_permission(struct inode *inode, int mask) +{ + int retval; + + if (inode->i_op->permission) + retval = inode->i_op->permission(inode, mask, 0); + else + retval = generic_permission(inode, mask, 0, + inode->i_op->check_acl); + return retval; +} + /** * yama_path_link - verify that hardlinking is allowed * @old_dentry: the source inode/dentry to hardlink from @@ -357,7 +369,7 @@ int yama_path_link(struct dentry *old_dentry, struct path *new_dir, if (cred->fsuid != inode->i_uid && (!S_ISREG(mode) || (mode & S_ISUID) || ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) || - (generic_permission(inode, MAY_READ | MAY_WRITE, 0, NULL))) && + (yama_generic_permission(inode, MAY_READ | MAY_WRITE))) && !capable(CAP_FOWNER)) { char name[sizeof(current->comm)]; printk_ratelimited(KERN_INFO "non-accessible hardlink" |