From: Linus Torvalds Date: Sun, 8 Jul 2007 19:02:55 +0000 (-0700) Subject: Fix permission checking for the new utimensat() system call X-Git-Tag: v2.6.22~2 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1e5de2837c166535f9bb4232bfe97ea1f9fc7a1c;p=linux-2.6 Fix permission checking for the new utimensat() system call Commit 1c710c896eb461895d3c399e15bb5f20b39c9073 added the utimensat() system call, but didn't handle the case of checking for the writability of the target right, when the target was a file descriptor, not a filename. We cannot use vfs_permission(MAY_WRITE) for that case, and need to simply check whether the file descriptor is writable. The oops from using the wrong function was noticed and narrowed down by Markus Trippelsdorf. Cc: Ulrich Drepper Cc: Markus Trippelsdorf Cc: Andrew Morton Acked-by: Al Viro Signed-off-by: Linus Torvalds --- diff --git a/fs/utimes.c b/fs/utimes.c index 480f7c8c29..b3c8895246 100644 --- a/fs/utimes.c +++ b/fs/utimes.c @@ -106,9 +106,16 @@ long do_utimes(int dfd, char __user *filename, struct timespec *times, int flags if (IS_IMMUTABLE(inode)) goto dput_and_out; - if (current->fsuid != inode->i_uid && - (error = vfs_permission(&nd, MAY_WRITE)) != 0) - goto dput_and_out; + if (current->fsuid != inode->i_uid) { + if (f) { + if (!(f->f_mode & FMODE_WRITE)) + goto dput_and_out; + } else { + error = vfs_permission(&nd, MAY_WRITE); + if (error) + goto dput_and_out; + } + } } mutex_lock(&inode->i_mutex); error = notify_change(dentry, &newattrs);