kernel_optimize_test/fs/gfs2
Jan Kara 073931017b posix_acl: Clear SGID bit when setting file permissions
When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
2016-09-22 10:55:32 +02:00
..
acl.c posix_acl: Clear SGID bit when setting file permissions 2016-09-22 10:55:32 +02:00
acl.h gfs2: Switch to generic xattr handlers 2016-05-12 22:28:05 -04:00
aops.c gfs2: writeout truncated pages 2016-06-27 10:03:12 -05:00
bmap.c block: get rid of bio_rw and READA 2016-07-20 17:37:01 -06:00
bmap.h GFS2: Clean up journal extent mapping 2014-03-03 13:50:12 +00:00
dentry.c gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
dir.c Merge branch 'for-4.8/drivers' of git://git.kernel.dk/linux-block 2016-07-26 15:37:51 -07:00
dir.h GFS2: Make rename not save dirent location 2014-10-01 14:06:15 +01:00
export.c gfs2: Get rid of gfs2_ilookup 2016-06-27 09:47:08 -05:00
file.c gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
gfs2.h
glock.c gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
glock.h gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
glops.c GFS2: Get rid of dead code in inode_go_demote_ok 2016-04-05 11:59:18 -04:00
glops.h GFS2: update freeze code to use freeze/thaw_super on all nodes 2014-11-17 10:36:39 +00:00
incore.h GFS2: Prevent delete work from occurring on glocks used for create 2016-03-15 10:46:37 -04:00
inode.c fs: return EPERM on immutable inode 2016-08-07 10:03:31 -04:00
inode.h gfs2: Get rid of gfs2_ilookup 2016-06-27 09:47:08 -05:00
Kconfig
lock_dlm.c remove abs64() 2015-11-09 15:11:24 -08:00
log.c gfs2: use bio op accessors 2016-06-07 13:41:38 -06:00
log.h GFS2: remove transaction glock 2014-05-14 10:04:34 +01:00
lops.c Merge branch 'for-4.8/core' of git://git.kernel.dk/linux-block 2016-07-26 15:03:07 -07:00
lops.h gfs2: use bio op accessors 2016-06-07 13:41:38 -06:00
main.c gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
Makefile
meta_io.c block: get rid of bio_rw and READA 2016-07-20 17:37:01 -06:00
meta_io.h GFS2: Refactor gfs2_remove_from_journal 2016-05-06 11:27:27 -05:00
ops_fstype.c Merge branch 'for-4.8/core' of git://git.kernel.dk/linux-block 2016-07-26 15:03:07 -07:00
quota.c Merge branch 'for-4.8/core' of git://git.kernel.dk/linux-block 2016-07-26 15:03:07 -07:00
quota.h GFS2: Make rgrp reservations part of the gfs2_inode structure 2015-12-14 12:16:38 -06:00
recovery.c GFS2: Fix gfs2_replay_incr_blk for multiple journal sizes 2016-07-21 13:02:44 -05:00
recovery.h GFS2: Fix gfs2_replay_incr_blk for multiple journal sizes 2016-07-21 13:02:44 -05:00
rgrp.c GFS2: Check rs_free with rd_rsspin protection 2016-07-12 11:48:22 -05:00
rgrp.h GFS2: Make rgrp reservations part of the gfs2_inode structure 2015-12-14 12:16:38 -06:00
super.c gfs2: Lock holder cleanup 2016-06-27 09:47:09 -05:00
super.h GFS2: update freeze code to use freeze/thaw_super on all nodes 2014-11-17 10:36:39 +00:00
sys.c gfs2: convert simple_str to kstr 2015-05-05 13:23:22 -05:00
sys.h
trace_gfs2.h gfs2: Make statistics unsigned, suitable for use with do_div() 2015-09-03 13:33:32 -05:00
trans.c gfs2: Add missing else in trans_add_meta/data 2015-10-01 12:00:59 -05:00
trans.h
util.c GFS2: ignore unlock failures after withdraw 2016-03-24 08:28:48 -04:00
util.h GFS2: Make rgrp reservations part of the gfs2_inode structure 2015-12-14 12:16:38 -06:00
xattr.c switch xattr_handler->set() to passing dentry and inode separately 2016-05-27 15:39:43 -04:00
xattr.h gfs2: Remove gfs2_xattr_acl_chmod 2015-12-06 21:25:17 -05:00