rpms/kernel/F-13 btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch, NONE, 1.1 kernel.spec, 1.2037, 1.2038

Kyle McMartin kyle at fedoraproject.org
Tue May 18 16:22:20 UTC 2010 

Author: kyle

Update of /cvs/pkgs/rpms/kernel/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv20518

Modified Files:
	kernel.spec 
Added Files:
	btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch 
Log Message:
* Tue May 18 2010 Kyle McMartin <kyle at redhat.com>
- btrfs: check for read permission on src file in the clone ioctl
  (rhbz#593226)


btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch:
 ioctl.c |    5 +++++
 1 file changed, 5 insertions(+)

--- NEW FILE btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch ---
From: Dan Rosenberg <dan.j.rosenberg at gmail.com>
Date: Sat, 15 May 2010 15:27:37 +0000 (-0400)
Subject: Btrfs: check for read permission on src file in the clone ioctl
X-Git-Tag: v2.6.34~3^2
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395

Btrfs: check for read permission on src file in the clone ioctl

The existing code would have allowed you to clone a file that was
only open for writing

Signed-off-by: Chris Mason <chris.mason at oracle.com>
---

diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 2b7dd88..9de6c3a 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -1480,12 +1480,17 @@ static noinline long btrfs_ioctl_clone(struct file *file, unsigned long srcfd,
 		ret = -EBADF;
 		goto out_drop_write;
 	}
+
 	src = src_file->f_dentry->d_inode;
 
 	ret = -EINVAL;
 	if (src == inode)
 		goto out_fput;
 
+	/* the src must be open for reading */
+	if (!(src_file->f_mode & FMODE_READ))
+		goto out_fput;
+
 	ret = -EISDIR;
 	if (S_ISDIR(src->i_mode) || S_ISDIR(inode->i_mode))
 		goto out_fput;


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-13/kernel.spec,v
retrieving revision 1.2037
retrieving revision 1.2038
diff -u -p -r1.2037 -r1.2038
--- kernel.spec	17 May 2010 20:36:40 -0000	1.2037
+++ kernel.spec	18 May 2010 16:22:19 -0000	1.2038
@@ -848,6 +848,9 @@ Patch12850: crypto-aesni-kill-module_ali
 # automatically mount debugfs when perf needs it
 Patch12851: perf-mount-debugfs-automatically.patch
 
+# upstream 5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395 (#593226)
+Patch12900: btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch
+
 %endif
 
 BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -1547,6 +1550,9 @@ ApplyPatch crypto-aesni-kill-module_alia
 # automagically mount debugfs for perf
 ApplyPatch perf-mount-debugfs-automatically.patch
 
+# upstream 5dc6416414fb3ec6e2825fd4d20c8bf1d7fe0395 (#593226)
+ApplyPatch btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -2196,6 +2202,10 @@ fi
 # and build.
 
 %changelog
+* Tue May 18 2010 Kyle McMartin <kyle at redhat.com>
+- btrfs: check for read permission on src file in the clone ioctl
+  (rhbz#593226)
+
 * Mon May 17 2010 Matthew Garrett <mjg at redhat.com>
 - thinkpad-acpi-fix-backlight.patch: Fix backlight control on some recent
    Thinkpads

More information about the scm-commits mailing list