mm: write_cache_pages integrity fix

[safe/jmp/linux-2.6] / fs / open.c

diff --git a/fs/open.c b/fs/open.c
index f96eaab..d882fd2 100644 (file)
--- a/fs/open.c
+++ b/fs/open.c
@@ -272,6 +272,8 @@ static long do_sys_truncate(const char __user *pathname, loff_t length)
                goto put_write_and_out;
 
        error = locks_verify_truncate(inode, NULL, length);
+       if (!error)
+               error = security_path_truncate(&path, length, 0);
        if (!error) {
                DQUOT_INIT(inode);
                error = do_truncate(path.dentry, length, 0, NULL);
@@ -329,6 +331,9 @@ static long do_sys_ftruncate(unsigned int fd, loff_t length, int small)
 
        error = locks_verify_truncate(inode, file, length);
        if (!error)
+               error = security_path_truncate(&file->f_path, length,
+                                              ATTR_MTIME|ATTR_CTIME);
+       if (!error)
                error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
 out_putf:
        fput(file);
@@ -407,7 +412,7 @@ asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len)
        if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0))
                goto out_fput;
 
-       if (inode->i_op && inode->i_op->fallocate)
+       if (inode->i_op->fallocate)
                ret = inode->i_op->fallocate(inode, mode, offset, len);
        else
                ret = -EOPNOTSUPP;
@@ -425,30 +430,33 @@ out:
  */
 asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
 {
-       struct cred *cred = current->cred;
+       const struct cred *old_cred;
+       struct cred *override_cred;
        struct path path;
        struct inode *inode;
-       int old_fsuid, old_fsgid;
-       kernel_cap_t uninitialized_var(old_cap);  /* !SECURE_NO_SETUID_FIXUP */
        int res;
 
        if (mode & ~S_IRWXO)    /* where's F_OK, X_OK, W_OK, R_OK? */
                return -EINVAL;
 
-       old_fsuid = cred->fsuid;
-       old_fsgid = cred->fsgid;
+       override_cred = prepare_creds();
+       if (!override_cred)
+               return -ENOMEM;
 
-       cred->fsuid = cred->uid;
-       cred->fsgid = cred->gid;
+       override_cred->fsuid = override_cred->uid;
+       override_cred->fsgid = override_cred->gid;
 
        if (!issecure(SECURE_NO_SETUID_FIXUP)) {
                /* Clear the capabilities if we switch to a non-root user */
-               if (current->cred->uid)
-                       old_cap = cap_set_effective(__cap_empty_set);
+               if (override_cred->uid)
+                       cap_clear(override_cred->cap_effective);
                else
-                       old_cap = cap_set_effective(cred->cap_permitted);
+                       override_cred->cap_effective =
+                               override_cred->cap_permitted;
        }
 
+       old_cred = override_creds(override_cred);
+
        res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
        if (res)
                goto out;
@@ -485,12 +493,8 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
 out_path_release:
        path_put(&path);
 out:
-       cred->fsuid = old_fsuid;
-       cred->fsgid = old_fsgid;
-
-       if (!issecure(SECURE_NO_SETUID_FIXUP))
-               cap_set_effective(old_cap);
-
+       revert_creds(old_cred);
+       put_cred(override_cred);
        return res;
 }