UBUNTU: ubuntu: overlayfs -- inode_only_permission: export inode level permissions checks

We need to be able to check inode permissions (but not filesystem implied permissions) for stackable filesystems. Now that permissions involve checking with the security LSM, cgroups and basic inode permissions it is easy to miss a key permission check and introduce a security vunerability. Expose a new interface for these checks. Signed-off-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
author: Andy Whitcroft <apw@canonical.com> 2012-05-01 16:17:51 +0100
committer: John Rigby <john.rigby@linaro.org> 2012-06-23 23:16:16 -0600
commit: 2cc116fe37fa6037a753c04dd1e9c3d1570ababc (patch)
tree: 9c485598f991a0a9fbcb57e99a4d7631382621a2 /include
parent: 7533acacf3fc27a89012fad7dc56ffefc605a75a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 49b86cf0564..e99bb48293d 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2263,6 +2263,7 @@ extern sector_t bmap(struct inode *, sector_t);
 #endif
 extern int notify_change(struct dentry *, struct iattr *);
 extern int inode_permission(struct inode *, int);
+extern int inode_only_permission(struct inode *, int);
 extern int generic_permission(struct inode *, int);
 
 static inline bool execute_ok(struct inode *inode)
author	Andy Whitcroft <apw@canonical.com>	2012-05-01 16:17:51 +0100
committer	John Rigby <john.rigby@linaro.org>	2012-06-23 23:16:16 -0600
commit	2cc116fe37fa6037a753c04dd1e9c3d1570ababc (patch)
tree	9c485598f991a0a9fbcb57e99a4d7631382621a2 /include
parent	7533acacf3fc27a89012fad7dc56ffefc605a75a (diff)