NFS: Fix access to suid/sgid executables (f8d9a897) · Commits · e / devices / android_kernel_xiaomi_nabu

fs/nfs/dir.c

+10 −6

Original line number	Diff line number	Diff line
		@@ -2153,12 +2153,16 @@ static int nfs_open_permission_mask(int openflags)
		{
		int mask = 0;

		if (openflags & __FMODE_EXEC) {
		/* ONLY check exec rights */
		mask = MAY_EXEC;
		} else {
		if ((openflags & O_ACCMODE) != O_WRONLY)
		mask \|= MAY_READ;
		if ((openflags & O_ACCMODE) != O_RDONLY)
		mask \|= MAY_WRITE;
		if (openflags & __FMODE_EXEC)
		mask \|= MAY_EXEC;
		}

		return mask;
		}

+11 −7

Original line number	Diff line number	Diff line
		@@ -1626,7 +1626,8 @@ static int _nfs4_recover_proc_open(struct nfs4_opendata *data)

		static int nfs4_opendata_access(struct rpc_cred *cred,
		struct nfs4_opendata *opendata,
		struct nfs4_state *state, fmode_t fmode)
		struct nfs4_state *state, fmode_t fmode,
		int openflags)
		{
		struct nfs_access_entry cache;
		u32 mask;
		@@ -1638,11 +1639,14 @@ static int nfs4_opendata_access(struct rpc_cred *cred,

		mask = 0;
		/* don't check MAY_WRITE - a newly created file may not have
		* write mode bits, but POSIX allows the creating process to write */
		if (fmode & FMODE_READ)
		mask \|= MAY_READ;
		if (fmode & FMODE_EXEC)
		mask \|= MAY_EXEC;
		* write mode bits, but POSIX allows the creating process to write.
		* use openflags to check for exec, because fmode won't
		* always have FMODE_EXEC set when file open for exec. */
		if (openflags & __FMODE_EXEC) {
		/* ONLY check for exec rights */
		mask = MAY_EXEC;
		} else if (fmode & FMODE_READ)
		mask = MAY_READ;

		cache.cred = cred;
		cache.jiffies = jiffies;
		@@ -1896,7 +1900,7 @@ static int _nfs4_do_open(struct inode *dir,
		if (server->caps & NFS_CAP_POSIX_LOCK)
		set_bit(NFS_STATE_POSIX_LOCKS, &state->flags);

		status = nfs4_opendata_access(cred, opendata, state, fmode);
		status = nfs4_opendata_access(cred, opendata, state, fmode, flags);
		if (status != 0)
		goto err_opendata_put;