xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[PATCH] sanitize __user_walk_fd() et.al.

Browse Source 
* do not pass nameidata; struct path is all the callers want.
* switch to new helpers:
	user_path_at(dfd, pathname, flags, &path)
	user_path(pathname, &path)
	user_lpath(pathname, &path)
	user_path_dir(pathname, &path)  (fail if not a directory)
  The last 3 are trivial macro wrappers for the first one.
* remove nameidata in callers.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
2008-07-22 09:59:21 -04:00
parent 256984a838
commit 2d8f30380a
13 changed files with 235 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
fs/xattr.c
View File

@@ -252,40 +252,40 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
}
asmlinkage long
sys_setxattr(const char __user *path, const char __user *name,
sys_setxattr(const char __user *pathname, const char __user *name,
const void __user *value, size_t size, int flags)
{
struct nameidata nd;
struct path path;
int error;
error = user_path_walk(path, &nd);
error = user_path(pathname, &path);
if (error)
return error;
error = mnt_want_write(nd.path.mnt);
error = mnt_want_write(path.mnt);
if (!error) {
error = setxattr(nd.path.dentry, name, value, size, flags);
mnt_drop_write(nd.path.mnt);
error = setxattr(path.dentry, name, value, size, flags);
mnt_drop_write(path.mnt);
}
path_put(&nd.path);
path_put(&path);
return error;
}
asmlinkage long
sys_lsetxattr(const char __user *path, const char __user *name,
sys_lsetxattr(const char __user *pathname, const char __user *name,
const void __user *value, size_t size, int flags)
{
struct nameidata nd;
struct path path;
int error;
error = user_path_walk_link(path, &nd);
error = user_lpath(pathname, &path);
if (error)
return error;
error = mnt_want_write(nd.path.mnt);
error = mnt_want_write(path.mnt);
if (!error) {
error = setxattr(nd.path.dentry, name, value, size, flags);
mnt_drop_write(nd.path.mnt);
error = setxattr(path.dentry, name, value, size, flags);
mnt_drop_write(path.mnt);
}
path_put(&nd.path);
path_put(&path);
return error;
}
@@ -350,32 +350,32 @@ getxattr(struct dentry *d, const char __user *name, void __user *value,
}
asmlinkage ssize_t
sys_getxattr(const char __user *path, const char __user *name,
sys_getxattr(const char __user *pathname, const char __user *name,
void __user *value, size_t size)
{
struct nameidata nd;
struct path path;
ssize_t error;
error = user_path_walk(path, &nd);
error = user_path(pathname, &path);
if (error)
return error;
error = getxattr(nd.path.dentry, name, value, size);
path_put(&nd.path);
error = getxattr(path.dentry, name, value, size);
path_put(&path);
return error;
}
asmlinkage ssize_t
sys_lgetxattr(const char __user *path, const char __user *name, void __user *value,
sys_lgetxattr(const char __user *pathname, const char __user *name, void __user *value,
size_t size)
{
struct nameidata nd;
struct path path;
ssize_t error;
error = user_path_walk_link(path, &nd);
error = user_lpath(pathname, &path);
if (error)
return error;
error = getxattr(nd.path.dentry, name, value, size);
path_put(&nd.path);
error = getxattr(path.dentry, name, value, size);
path_put(&path);
return error;
}
@@ -425,30 +425,30 @@ listxattr(struct dentry *d, char __user *list, size_t size)
}
asmlinkage ssize_t
sys_listxattr(const char __user *path, char __user *list, size_t size)
sys_listxattr(const char __user *pathname, char __user *list, size_t size)
{
struct nameidata nd;
struct path path;
ssize_t error;
error = user_path_walk(path, &nd);
error = user_path(pathname, &path);
if (error)
return error;
error = listxattr(nd.path.dentry, list, size);
path_put(&nd.path);
error = listxattr(path.dentry, list, size);
path_put(&path);
return error;
}
asmlinkage ssize_t
sys_llistxattr(const char __user *path, char __user *list, size_t size)
sys_llistxattr(const char __user *pathname, char __user *list, size_t size)
{
struct nameidata nd;
struct path path;
ssize_t error;
error = user_path_walk_link(path, &nd);
error = user_lpath(pathname, &path);
if (error)
return error;
error = listxattr(nd.path.dentry, list, size);
path_put(&nd.path);
error = listxattr(path.dentry, list, size);
path_put(&path);
return error;
}
@@ -486,38 +486,38 @@ removexattr(struct dentry *d, const char __user *name)
}
asmlinkage long
sys_removexattr(const char __user *path, const char __user *name)
sys_removexattr(const char __user *pathname, const char __user *name)
{
struct nameidata nd;
struct path path;
int error;
error = user_path_walk(path, &nd);
error = user_path(pathname, &path);
if (error)
return error;
error = mnt_want_write(nd.path.mnt);
error = mnt_want_write(path.mnt);
if (!error) {
error = removexattr(nd.path.dentry, name);
mnt_drop_write(nd.path.mnt);
error = removexattr(path.dentry, name);
mnt_drop_write(path.mnt);
}
path_put(&nd.path);
path_put(&path);
return error;
}
asmlinkage long
sys_lremovexattr(const char __user *path, const char __user *name)
sys_lremovexattr(const char __user *pathname, const char __user *name)
{
struct nameidata nd;
struct path path;
int error;
error = user_path_walk_link(path, &nd);
error = user_lpath(pathname, &path);
if (error)
return error;
error = mnt_want_write(nd.path.mnt);
error = mnt_want_write(path.mnt);
if (!error) {
error = removexattr(nd.path.dentry, name);
mnt_drop_write(nd.path.mnt);
error = removexattr(path.dentry, name);
mnt_drop_write(path.mnt);
}
path_put(&nd.path);
path_put(&path);
return error;
}