->permission() sanitizing: don't pass flags to ->inode_permission()
pass that via mask instead.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
diff --git a/security/security.c b/security/security.c
index 4ba6d4c..db3b750d 100644
--- a/security/security.c
+++ b/security/security.c
@@ -518,14 +518,17 @@
{
if (unlikely(IS_PRIVATE(inode)))
return 0;
- return security_ops->inode_permission(inode, mask, 0);
+ return security_ops->inode_permission(inode, mask);
}
int security_inode_exec_permission(struct inode *inode, unsigned int flags)
{
+ int mask = MAY_EXEC;
if (unlikely(IS_PRIVATE(inode)))
return 0;
- return security_ops->inode_permission(inode, MAY_EXEC, flags);
+ if (flags)
+ mask |= MAY_NOT_BLOCK;
+ return security_ops->inode_permission(inode, mask);
}
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)