UBUNTU: ubuntu: overlayfs -- inode_only_permission: export inode level permissions checks

We need to be able to check inode permissions (but not filesystem implied permissions) for stackable filesystems. Now that permissions involve checking with the security LSM, cgroups and basic inode permissions it is easy to miss a key permission check and introduce a security vunerability. Expose a new interface for these checks. Signed-off-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
author: Andy Whitcroft <apw@canonical.com> 2012-05-01 16:17:51 +0100
committer: John Rigby <john.rigby@linaro.org> 2012-06-20 14:33:59 -0600
commit: 27ad0d83065f8ff8d11d85eceee08cd5ceeff49d (patch)
tree: f130c247e65fd954251b106292228c079f0ab75d /include
parent: c526cc593f926966e5e6fde2d2917f8c356c0828 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index a2916462d64..5111463d016 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2227,6 +2227,7 @@ extern sector_t bmap(struct inode *, sector_t);
 #endif
 extern int notify_change(struct dentry *, struct iattr *);
 extern int inode_permission(struct inode *, int);
+extern int inode_only_permission(struct inode *, int);
 extern int generic_permission(struct inode *, int);
 
 static inline bool execute_ok(struct inode *inode)
author	Andy Whitcroft <apw@canonical.com>	2012-05-01 16:17:51 +0100
committer	John Rigby <john.rigby@linaro.org>	2012-06-20 14:33:59 -0600
commit	27ad0d83065f8ff8d11d85eceee08cd5ceeff49d (patch)
tree	f130c247e65fd954251b106292228c079f0ab75d /include
parent	c526cc593f926966e5e6fde2d2917f8c356c0828 (diff)