From 894ec8707ced240b96dc45944790fb35d9a6b03c Mon Sep 17 00:00:00 2001 From: Daniel Drake Date: Mon, 12 Dec 2005 00:37:08 -0800 Subject: [PATCH] Fix listxattr() for generic security attributes Commit f549d6c18c0e8e6cf1bf0e7a47acc1daf7e2cec1 introduced a generic fallback for security xattrs, but appears to include a subtle bug. Gentoo users with kernels with selinux compiled in, and coreutils compiled with acl support, noticed that they could not copy files on tmpfs using 'cp'. cp (compiled with acl support) copies the file, lists the extended attributes on the old file, copies them all to the new file, and then exits. However the listxattr() calls were failing with this odd behaviour: llistxattr("a.out", (nil), 0) = 17 llistxattr("a.out", 0x7fffff8c6cb0, 17) = -1 ERANGE (Numerical result out of range) I believe this is a simple problem in the logic used to check the buffer sizes; if the user sends a buffer the exact size of the data, then its ok :) This change solves the problem. More info can be found at http://bugs.gentoo.org/113138 Signed-off-by: Daniel Drake Acked-by: James Morris Acked-by: Stephen Smalley Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/xattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/xattr.c b/fs/xattr.c index a9db22557998..bcc2156d4d28 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -245,7 +245,7 @@ listxattr(struct dentry *d, char __user *list, size_t size) error = d->d_inode->i_op->listxattr(d, klist, size); } else { error = security_inode_listsecurity(d->d_inode, klist, size); - if (size && error >= size) + if (size && error > size) error = -ERANGE; } if (error > 0) { -- cgit v1.2.1 From 8140a5005bc6f1c9d0fa103460d50d472e6e3426 Mon Sep 17 00:00:00 2001 From: John McCutchan Date: Mon, 12 Dec 2005 00:37:14 -0800 Subject: [PATCH] inotify: add two inotify_add_watch flags The below patch lets userspace have more control over the inodes that inotify will watch. It introduces two new flags. IN_ONLYDIR -- only watch the inode if it is a directory. This is needed to avoid the race that can occur when we want to be sure that we are watching a directory. IN_DONT_FOLLOW -- don't follow a symlink. In combination with IN_ONLYDIR we can make sure that we don't watch the target of symlinks. The issues the flags fix came up when writing the gnome-vfs inotify backend. Default behaviour is unchanged. Signed-off-by: John McCutchan Acked-by: Robert Love Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/inotify.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'fs') diff --git a/fs/inotify.c b/fs/inotify.c index bf7ce1d2412b..2fecb7af4a77 100644 --- a/fs/inotify.c +++ b/fs/inotify.c @@ -364,11 +364,12 @@ static int inotify_dev_get_wd(struct inotify_device *dev, /* * find_inode - resolve a user-given path to a specific inode and return a nd */ -static int find_inode(const char __user *dirname, struct nameidata *nd) +static int find_inode(const char __user *dirname, struct nameidata *nd, + unsigned flags) { int error; - error = __user_walk(dirname, LOOKUP_FOLLOW, nd); + error = __user_walk(dirname, flags, nd); if (error) return error; /* you can only watch an inode if you have read permissions on it */ @@ -933,6 +934,7 @@ asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask) struct file *filp; int ret, fput_needed; int mask_add = 0; + unsigned flags = 0; filp = fget_light(fd, &fput_needed); if (unlikely(!filp)) @@ -944,7 +946,12 @@ asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask) goto fput_and_out; } - ret = find_inode(path, &nd); + if (!(mask & IN_DONT_FOLLOW)) + flags |= LOOKUP_FOLLOW; + if (mask & IN_ONLYDIR) + flags |= LOOKUP_DIRECTORY; + + ret = find_inode(path, &nd, flags); if (unlikely(ret)) goto fput_and_out; -- cgit v1.2.1