aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--fs/namei.c3
-rw-r--r--security/selinux/hooks.c2
-rw-r--r--security/smack/smack_lsm.c2
3 files changed, 5 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c
index fe34c2b879f..42d2d28fb82 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -282,8 +282,7 @@ int inode_permission(struct inode *inode, int mask)
if (retval)
return retval;
- return security_inode_permission(inode,
- mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
+ return security_inode_permission(inode, mask);
}
/**
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 85338f0c048..0c98846f188 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2645,6 +2645,8 @@ static int selinux_inode_permission(struct inode *inode, int mask)
{
const struct cred *cred = current_cred();
+ mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
+
if (!mask) {
/* No permission to check. Existence test. */
return 0;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 07abc9ce72f..9192ba366a4 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -598,6 +598,8 @@ static int smack_inode_rename(struct inode *old_inode,
static int smack_inode_permission(struct inode *inode, int mask)
{
struct smk_audit_info ad;
+
+ mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
/*
* No permission to check. Existence test. Yup, it's there.
*/