UBUNTU: ubuntu: overlayfs -- inode_only_permission: export inode level permissions checks

We need to be able to check inode permissions (but not filesystem implied permissions) for stackable filesystems. Now that permissions involve checking with the security LSM, cgroups and basic inode permissions it is easy to miss a key permission check and introduce a security vunerability. Expose a new interface for these checks. Signed-off-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
author: Andy Whitcroft <apw@canonical.com> 2012-05-01 16:17:51 +0100
committer: John Rigby <john.rigby@linaro.org> 2012-06-20 20:14:19 -0600
commit: a3b4fcdfbf33d03591fa43587e2510226a855078 (patch)
tree: f130c247e65fd954251b106292228c079f0ab75d /include
parent: 4e455818376a96f4771dfc1bc2f806e1177444d9 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index a2916462d64..5111463d016 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2227,6 +2227,7 @@ extern sector_t bmap(struct inode *, sector_t);
 #endif
 extern int notify_change(struct dentry *, struct iattr *);
 extern int inode_permission(struct inode *, int);
+extern int inode_only_permission(struct inode *, int);
 extern int generic_permission(struct inode *, int);
 
 static inline bool execute_ok(struct inode *inode)
author	Andy Whitcroft <apw@canonical.com>	2012-05-01 16:17:51 +0100
committer	John Rigby <john.rigby@linaro.org>	2012-06-20 20:14:19 -0600
commit	a3b4fcdfbf33d03591fa43587e2510226a855078 (patch)
tree	f130c247e65fd954251b106292228c079f0ab75d /include
parent	4e455818376a96f4771dfc1bc2f806e1177444d9 (diff)