tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

[PATCH] protect ext3 ioctl modifying append_only, immutable, etc. with i_mutex

All modifications of ->i_flags in inodes that might be visible to
somebody else must be under ->i_mutex. That patch fixes ext3 ioctl()
setting S_APPEND and friends.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

authored by

Al Viro and committed by
Linus Torvalds a090d913 6ad0013b

+14 -4
+14 -4
fs/ext3/ioctl.c
··· 48 48 if (!S_ISDIR(inode->i_mode)) 49 49 flags &= ~EXT3_DIRSYNC_FL; 50 50 51 + mutex_lock(&inode->i_mutex); 51 52 oldflags = ei->i_flags; 52 53 53 54 /* The JOURNAL_DATA flag is modifiable only by root */ ··· 61 60 * This test looks nicer. Thanks to Pauline Middelink 62 61 */ 63 62 if ((flags ^ oldflags) & (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL)) { 64 - if (!capable(CAP_LINUX_IMMUTABLE)) 63 + if (!capable(CAP_LINUX_IMMUTABLE)) { 64 + mutex_unlock(&inode->i_mutex); 65 65 return -EPERM; 66 + } 66 67 } 67 68 68 69 /* ··· 72 69 * the relevant capability. 73 70 */ 74 71 if ((jflag ^ oldflags) & (EXT3_JOURNAL_DATA_FL)) { 75 - if (!capable(CAP_SYS_RESOURCE)) 72 + if (!capable(CAP_SYS_RESOURCE)) { 73 + mutex_unlock(&inode->i_mutex); 76 74 return -EPERM; 75 + } 77 76 } 78 77 79 78 80 79 handle = ext3_journal_start(inode, 1); 81 - if (IS_ERR(handle)) 80 + if (IS_ERR(handle)) { 81 + mutex_unlock(&inode->i_mutex); 82 82 return PTR_ERR(handle); 83 + } 83 84 if (IS_SYNC(inode)) 84 85 handle->h_sync = 1; 85 86 err = ext3_reserve_inode_write(handle, inode, &iloc); ··· 100 93 err = ext3_mark_iloc_dirty(handle, inode, &iloc); 101 94 flags_err: 102 95 ext3_journal_stop(handle); 103 - if (err) 96 + if (err) { 97 + mutex_unlock(&inode->i_mutex); 104 98 return err; 99 + } 105 100 106 101 if ((jflag ^ oldflags) & (EXT3_JOURNAL_DATA_FL)) 107 102 err = ext3_change_inode_journal_flag(inode, jflag); 103 + mutex_unlock(&inode->i_mutex); 108 104 return err; 109 105 } 110 106 case EXT3_IOC_GETVERSION: