diff options
-rw-r--r-- | fs/namei.c | 3 | ||||
-rw-r--r-- | security/selinux/hooks.c | 2 | ||||
-rw-r--r-- | security/smack/smack_lsm.c | 2 |
3 files changed, 5 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c index fe34c2b879f..42d2d28fb82 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -282,8 +282,7 @@ int inode_permission(struct inode *inode, int mask) if (retval) return retval; - return security_inode_permission(inode, - mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND)); + return security_inode_permission(inode, mask); } /** diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 85338f0c048..0c98846f188 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2645,6 +2645,8 @@ static int selinux_inode_permission(struct inode *inode, int mask) { const struct cred *cred = current_cred(); + mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); + if (!mask) { /* No permission to check. Existence test. */ return 0; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 07abc9ce72f..9192ba366a4 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -598,6 +598,8 @@ static int smack_inode_rename(struct inode *old_inode, static int smack_inode_permission(struct inode *inode, int mask) { struct smk_audit_info ad; + + mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); /* * No permission to check. Existence test. Yup, it's there. */ |