From 4143179218960a70d821a425e3c23ce44aa93dee Mon Sep 17 00:00:00 2001 From: Lukas Czerner Date: Wed, 23 Feb 2011 12:42:32 -0500 Subject: ext4: check if device support discard in FITRIM ioctl For a device that does not support discard, the FITRIM ioctl returns -EOPNOTSUPP when blkdev_issue_discard() returns this error code, which is how the user is informed that the device does not support discard. If there are no suitable free extents to be trimmed, then FITRIM will return success even though the device does not support discard, which could confuse the user. So check explicitly if the device supports discard and return an error code at the beginning of the FITRIM ioctl processing. Signed-off-by: Lukas Czerner Signed-off-by: "Theodore Ts'o" --- fs/ext4/ioctl.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'fs/ext4/ioctl.c') diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index eb3bc2fe647..25ba7c79d28 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -334,12 +334,16 @@ mext_out: case FITRIM: { struct super_block *sb = inode->i_sb; + struct request_queue *q = bdev_get_queue(sb->s_bdev); struct fstrim_range range; int ret = 0; if (!capable(CAP_SYS_ADMIN)) return -EPERM; + if (!blk_queue_discard(q)) + return -EOPNOTSUPP; + if (copy_from_user(&range, (struct fstrim_range *)arg, sizeof(range))) return -EFAULT; -- cgit v1.2.3-70-g09d2 From 5c2ed62fd447e2c696e222dcf71d1322bbbc58d4 Mon Sep 17 00:00:00 2001 From: Lukas Czerner Date: Wed, 23 Feb 2011 17:49:51 -0500 Subject: ext4: Adjust minlen with discard_granularity in the FITRIM ioctl Discard granularity tells us the minimum size of extent that can be discarded by the device. If the user supplies a minimum extent that should be discarded (range.minlen) which is smaller than the discard granularity, increase minlen to the discard granularity, since there's no point submitting trim requests that the device will reject anyway. Signed-off-by: Lukas Czerner Signed-off-by: "Theodore Ts'o" --- fs/ext4/ioctl.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'fs/ext4/ioctl.c') diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index 25ba7c79d28..c052c9f0f3a 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -348,6 +348,8 @@ mext_out: sizeof(range))) return -EFAULT; + range.minlen = max((unsigned int)range.minlen, + q->limits.discard_granularity); ret = ext4_trim_fs(sb, &range); if (ret < 0) return ret; -- cgit v1.2.3-70-g09d2 From a56e69c28ad0782a99f3f196e93d57ba5a7e2324 Mon Sep 17 00:00:00 2001 From: Tao Ma Date: Sun, 20 Mar 2011 23:16:58 -0400 Subject: ext4: add FITRIM to compat_ioctl. FITRIM isn't added in compat_ioctl. So a 32 bit program can't be executed in a 64 bit platform. Add it in the compat_ioctl. Signed-off-by: Tao Ma Signed-off-by: "Theodore Ts'o" --- fs/ext4/ioctl.c | 1 + 1 file changed, 1 insertion(+) (limited to 'fs/ext4/ioctl.c') diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index c052c9f0f3a..bb424de9953 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -427,6 +427,7 @@ long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) return err; } case EXT4_IOC_MOVE_EXT: + case FITRIM: break; default: return -ENOIOCTLCMD; -- cgit v1.2.3-70-g09d2 From 2e1496707560ecf98e9b0604622c0990f94861d3 Mon Sep 17 00:00:00 2001 From: "Serge E. Hallyn" Date: Wed, 23 Mar 2011 16:43:26 -0700 Subject: userns: rename is_owner_or_cap to inode_owner_or_capable And give it a kernel-doc comment. [akpm@linux-foundation.org: btrfs changed in linux-next] Signed-off-by: Serge E. Hallyn Cc: "Eric W. Biederman" Cc: Daniel Lezcano Acked-by: David Howells Cc: James Morris Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/9p/acl.c | 2 +- fs/attr.c | 4 ++-- fs/btrfs/acl.c | 2 +- fs/btrfs/ioctl.c | 4 ++-- fs/ext2/acl.c | 2 +- fs/ext2/ioctl.c | 6 +++--- fs/ext3/acl.c | 2 +- fs/ext3/ioctl.c | 6 +++--- fs/ext4/acl.c | 2 +- fs/ext4/ioctl.c | 8 ++++---- fs/fcntl.c | 2 +- fs/generic_acl.c | 2 +- fs/gfs2/file.c | 2 +- fs/hfsplus/ioctl.c | 2 +- fs/inode.c | 13 ++++++++----- fs/jffs2/acl.c | 2 +- fs/jfs/ioctl.c | 2 +- fs/jfs/xattr.c | 2 +- fs/logfs/file.c | 2 +- fs/namei.c | 2 +- fs/nilfs2/ioctl.c | 2 +- fs/ocfs2/acl.c | 2 +- fs/ocfs2/ioctl.c | 2 +- fs/reiserfs/ioctl.c | 4 ++-- fs/reiserfs/xattr_acl.c | 2 +- fs/ubifs/ioctl.c | 2 +- fs/utimes.c | 2 +- fs/xattr.c | 2 +- include/linux/fs.h | 2 +- security/selinux/hooks.c | 2 +- 30 files changed, 47 insertions(+), 44 deletions(-) (limited to 'fs/ext4/ioctl.c') diff --git a/fs/9p/acl.c b/fs/9p/acl.c index 33aa116732c..535ab6eccb1 100644 --- a/fs/9p/acl.c +++ b/fs/9p/acl.c @@ -323,7 +323,7 @@ static int v9fs_xattr_set_acl(struct dentry *dentry, const char *name, if (S_ISLNK(inode->i_mode)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { /* update the cached acl value */ diff --git a/fs/attr.c b/fs/attr.c index 7ca41811afa..1007ed61631 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -59,7 +59,7 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr) /* Make sure a caller can chmod. */ if (ia_valid & ATTR_MODE) { - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; /* Also check the setgid bit! */ if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid : @@ -69,7 +69,7 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr) /* Check for setting the inode time. */ if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET | ATTR_TIMES_SET)) { - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; } diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c index 9c949348510..de34bfad9ec 100644 --- a/fs/btrfs/acl.c +++ b/fs/btrfs/acl.c @@ -170,7 +170,7 @@ static int btrfs_xattr_acl_set(struct dentry *dentry, const char *name, int ret; struct posix_acl *acl = NULL; - if (!is_owner_or_cap(dentry->d_inode)) + if (!inode_owner_or_capable(dentry->d_inode)) return -EPERM; if (!IS_POSIXACL(dentry->d_inode)) diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 5fdb2abc4fa..d1bace3df9b 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -158,7 +158,7 @@ static int btrfs_ioctl_setflags(struct file *file, void __user *arg) FS_SYNC_FL | FS_DIRSYNC_FL)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; mutex_lock(&inode->i_mutex); @@ -1077,7 +1077,7 @@ static noinline int btrfs_ioctl_subvol_setflags(struct file *file, if (flags & ~BTRFS_SUBVOL_RDONLY) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; down_write(&root->fs_info->subvol_sem); diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c index 7b4180554a6..abea5a17c76 100644 --- a/fs/ext2/acl.c +++ b/fs/ext2/acl.c @@ -406,7 +406,7 @@ ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, return -EINVAL; if (!test_opt(dentry->d_sb, POSIX_ACL)) return -EOPNOTSUPP; - if (!is_owner_or_cap(dentry->d_inode)) + if (!inode_owner_or_capable(dentry->d_inode)) return -EPERM; if (value) { diff --git a/fs/ext2/ioctl.c b/fs/ext2/ioctl.c index e7431309bdc..f81e250ac5c 100644 --- a/fs/ext2/ioctl.c +++ b/fs/ext2/ioctl.c @@ -39,7 +39,7 @@ long ext2_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) if (ret) return ret; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { ret = -EACCES; goto setflags_out; } @@ -89,7 +89,7 @@ setflags_out: case EXT2_IOC_GETVERSION: return put_user(inode->i_generation, (int __user *) arg); case EXT2_IOC_SETVERSION: - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; ret = mnt_want_write(filp->f_path.mnt); if (ret) @@ -115,7 +115,7 @@ setflags_out: if (!test_opt(inode->i_sb, RESERVATION) ||!S_ISREG(inode->i_mode)) return -ENOTTY; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; if (get_user(rsv_window_size, (int __user *)arg)) diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c index e4fa49e6c53..9d021c0d472 100644 --- a/fs/ext3/acl.c +++ b/fs/ext3/acl.c @@ -435,7 +435,7 @@ ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, return -EINVAL; if (!test_opt(inode->i_sb, POSIX_ACL)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { diff --git a/fs/ext3/ioctl.c b/fs/ext3/ioctl.c index fc080dd561f..f4090bd2f34 100644 --- a/fs/ext3/ioctl.c +++ b/fs/ext3/ioctl.c @@ -38,7 +38,7 @@ long ext3_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) unsigned int oldflags; unsigned int jflag; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; if (get_user(flags, (int __user *) arg)) @@ -123,7 +123,7 @@ flags_out: __u32 generation; int err; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; err = mnt_want_write(filp->f_path.mnt); @@ -192,7 +192,7 @@ setversion_out: if (err) return err; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { err = -EACCES; goto setrsvsz_out; } diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c index e0270d1f8d8..21eacd7b7d7 100644 --- a/fs/ext4/acl.c +++ b/fs/ext4/acl.c @@ -433,7 +433,7 @@ ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void *value, return -EINVAL; if (!test_opt(inode->i_sb, POSIX_ACL)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index eb3bc2fe647..a84faa110bc 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -38,7 +38,7 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) unsigned int oldflags; unsigned int jflag; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; if (get_user(flags, (int __user *) arg)) @@ -146,7 +146,7 @@ flags_out: __u32 generation; int err; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; err = mnt_want_write(filp->f_path.mnt); @@ -298,7 +298,7 @@ mext_out: case EXT4_IOC_MIGRATE: { int err; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; err = mnt_want_write(filp->f_path.mnt); @@ -320,7 +320,7 @@ mext_out: case EXT4_IOC_ALLOC_DA_BLKS: { int err; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; err = mnt_want_write(filp->f_path.mnt); diff --git a/fs/fcntl.c b/fs/fcntl.c index 6c82e5bac03..22764c7c838 100644 --- a/fs/fcntl.c +++ b/fs/fcntl.c @@ -159,7 +159,7 @@ static int setfl(int fd, struct file * filp, unsigned long arg) /* O_NOATIME can only be set by the owner or superuser */ if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME)) - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; /* required for strict SunOS emulation */ diff --git a/fs/generic_acl.c b/fs/generic_acl.c index 06c48a89183..8f26d1a5891 100644 --- a/fs/generic_acl.c +++ b/fs/generic_acl.c @@ -74,7 +74,7 @@ generic_acl_set(struct dentry *dentry, const char *name, const void *value, return -EINVAL; if (S_ISLNK(inode->i_mode)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { acl = posix_acl_from_xattr(value, size); diff --git a/fs/gfs2/file.c b/fs/gfs2/file.c index 4074b952b05..b2682e073ee 100644 --- a/fs/gfs2/file.c +++ b/fs/gfs2/file.c @@ -221,7 +221,7 @@ static int do_gfs2_set_flags(struct file *filp, u32 reqflags, u32 mask) goto out_drop_write; error = -EACCES; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) goto out; error = 0; diff --git a/fs/hfsplus/ioctl.c b/fs/hfsplus/ioctl.c index 508ce662ce1..fbaa6690c8e 100644 --- a/fs/hfsplus/ioctl.c +++ b/fs/hfsplus/ioctl.c @@ -47,7 +47,7 @@ static int hfsplus_ioctl_setflags(struct file *file, int __user *user_flags) if (err) goto out; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { err = -EACCES; goto out_drop_write; } diff --git a/fs/inode.c b/fs/inode.c index a21d5a938a1..0b3da4a7770 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -1735,11 +1735,14 @@ void inode_init_owner(struct inode *inode, const struct inode *dir, } EXPORT_SYMBOL(inode_init_owner); -/* - * return true if current either has CAP_FOWNER to the - * file, or owns the file. +/** + * inode_owner_or_capable - check current task permissions to inode + * @inode: inode being checked + * + * Return true if current either has CAP_FOWNER to the inode, or + * owns the file. */ -bool is_owner_or_cap(const struct inode *inode) +bool inode_owner_or_capable(const struct inode *inode) { struct user_namespace *ns = inode_userns(inode); @@ -1749,4 +1752,4 @@ bool is_owner_or_cap(const struct inode *inode) return true; return false; } -EXPORT_SYMBOL(is_owner_or_cap); +EXPORT_SYMBOL(inode_owner_or_capable); diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c index 95b79672150..828a0e1ea43 100644 --- a/fs/jffs2/acl.c +++ b/fs/jffs2/acl.c @@ -402,7 +402,7 @@ static int jffs2_acl_setxattr(struct dentry *dentry, const char *name, if (name[0] != '\0') return -EINVAL; - if (!is_owner_or_cap(dentry->d_inode)) + if (!inode_owner_or_capable(dentry->d_inode)) return -EPERM; if (value) { diff --git a/fs/jfs/ioctl.c b/fs/jfs/ioctl.c index afe222bf300..6f98a186677 100644 --- a/fs/jfs/ioctl.c +++ b/fs/jfs/ioctl.c @@ -72,7 +72,7 @@ long jfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) if (err) return err; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { err = -EACCES; goto setflags_out; } diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index 3fa4c32272d..24838f1eeee 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c @@ -678,7 +678,7 @@ static int can_set_system_xattr(struct inode *inode, const char *name, struct posix_acl *acl; int rc; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; /* diff --git a/fs/logfs/file.c b/fs/logfs/file.c index e86376b87af..c2ad7028def 100644 --- a/fs/logfs/file.c +++ b/fs/logfs/file.c @@ -196,7 +196,7 @@ long logfs_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (IS_RDONLY(inode)) return -EROFS; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; err = get_user(flags, (int __user *)arg); diff --git a/fs/namei.c b/fs/namei.c index dbb45a652ae..fc858b1124c 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2036,7 +2036,7 @@ static int may_open(struct path *path, int acc_mode, int flag) } /* O_NOATIME can only be set by the owner or superuser */ - if (flag & O_NOATIME && !is_owner_or_cap(inode)) + if (flag & O_NOATIME && !inode_owner_or_capable(inode)) return -EPERM; /* diff --git a/fs/nilfs2/ioctl.c b/fs/nilfs2/ioctl.c index 95c04c2f2b3..f2469ba6246 100644 --- a/fs/nilfs2/ioctl.c +++ b/fs/nilfs2/ioctl.c @@ -113,7 +113,7 @@ static int nilfs_ioctl_setflags(struct inode *inode, struct file *filp, unsigned int flags, oldflags; int ret; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; if (get_user(flags, (int __user *)argp)) diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c index 704f6b1742f..90f2729b7a5 100644 --- a/fs/ocfs2/acl.c +++ b/fs/ocfs2/acl.c @@ -497,7 +497,7 @@ static int ocfs2_xattr_set_acl(struct dentry *dentry, const char *name, if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { diff --git a/fs/ocfs2/ioctl.c b/fs/ocfs2/ioctl.c index 7a486819615..09de77ce002 100644 --- a/fs/ocfs2/ioctl.c +++ b/fs/ocfs2/ioctl.c @@ -82,7 +82,7 @@ static int ocfs2_set_inode_attr(struct inode *inode, unsigned flags, } status = -EACCES; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) goto bail_unlock; if (!S_ISDIR(inode->i_mode)) diff --git a/fs/reiserfs/ioctl.c b/fs/reiserfs/ioctl.c index 79265fdc317..4e153051bc7 100644 --- a/fs/reiserfs/ioctl.c +++ b/fs/reiserfs/ioctl.c @@ -59,7 +59,7 @@ long reiserfs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) if (err) break; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { err = -EPERM; goto setflags_out; } @@ -103,7 +103,7 @@ setflags_out: err = put_user(inode->i_generation, (int __user *)arg); break; case REISERFS_IOC_SETVERSION: - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { err = -EPERM; break; } diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index 90d2fcb67a3..3dc38f1206f 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -26,7 +26,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const void *value, size_t jcreate_blocks; if (!reiserfs_posixacl(inode->i_sb)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; if (value) { diff --git a/fs/ubifs/ioctl.c b/fs/ubifs/ioctl.c index 8aacd64957a..548acf494af 100644 --- a/fs/ubifs/ioctl.c +++ b/fs/ubifs/ioctl.c @@ -160,7 +160,7 @@ long ubifs_ioctl(struct file *file, unsigned int cmd, unsigned long arg) if (IS_RDONLY(inode)) return -EROFS; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EACCES; if (get_user(flags, (int __user *) arg)) diff --git a/fs/utimes.c b/fs/utimes.c index 179b5869065..ba653f3dc1b 100644 --- a/fs/utimes.c +++ b/fs/utimes.c @@ -95,7 +95,7 @@ static int utimes_common(struct path *path, struct timespec *times) if (IS_IMMUTABLE(inode)) goto mnt_drop_write_and_out; - if (!is_owner_or_cap(inode)) { + if (!inode_owner_or_capable(inode)) { error = inode_permission(inode, MAY_WRITE); if (error) goto mnt_drop_write_and_out; diff --git a/fs/xattr.c b/fs/xattr.c index 01bb8135e14..a19acdb81cd 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -59,7 +59,7 @@ xattr_permission(struct inode *inode, const char *name, int mask) if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) return -EPERM; if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) && - (mask & MAY_WRITE) && !is_owner_or_cap(inode)) + (mask & MAY_WRITE) && !inode_owner_or_capable(inode)) return -EPERM; } diff --git a/include/linux/fs.h b/include/linux/fs.h index 9eebc646d14..4dda076c24a 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1463,7 +1463,7 @@ enum { */ extern struct user_namespace init_user_ns; #define inode_userns(inode) (&init_user_ns) -extern bool is_owner_or_cap(const struct inode *inode); +extern bool inode_owner_or_capable(const struct inode *inode); /* not quite ready to be deprecated, but... */ extern void lock_super(struct super_block *); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c67f863d354..f9c3764e485 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2725,7 +2725,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, if (!(sbsec->flags & SE_SBLABELSUPP)) return -EOPNOTSUPP; - if (!is_owner_or_cap(inode)) + if (!inode_owner_or_capable(inode)) return -EPERM; COMMON_AUDIT_DATA_INIT(&ad, FS); -- cgit v1.2.3-70-g09d2