fs: Reorder inode_owner_or_capable() to avoid needless
authorKees Cook <keescook@chromium.org>
Wed, 21 Jun 2017 16:53:06 +0000 (09:53 -0700)
committerAl Viro <viro@zeniv.linux.org.uk>
Fri, 30 Jun 2017 00:08:32 +0000 (20:08 -0400)
commitcc658db47d6897a8571fb6227f59d1d18151b0b2
tree67d1bd8c5c8f3f7c90a6f24c39832fc0218de07a
parent41124db869b7e00e12052555f8987867ac01d70c
fs: Reorder inode_owner_or_capable() to avoid needless

Checking for capabilities should be the last operation when performing
access control tests so that PF_SUPERPRIV is set only when it was required
for success (implying that the capability was needed for the operation).

Reported-by: Solar Designer <solar@openwall.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fs/inode.c
fs/namei.c