Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check

[net-next-2.6.git] / fs / ext2 / acl.c

diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 6af2f41302905a8e863912b8153e9d30a82911fd..e58669e1b87c6bab0e0a0ac8677713b5b2f3fbb8 100644 (file)
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -4,6 +4,7 @@
  * Copyright (C) 2001-2003 Andreas Gruenbacher, <agruen@suse.de>
  */
 
+#include <linux/capability.h>
 #include <linux/init.h>
 #include <linux/sched.h>
 #include <linux/slab.h>
@@ -88,8 +89,8 @@ ext2_acl_to_disk(const struct posix_acl *acl, size_t *size)
        size_t n;
 
        *size = ext2_acl_size(acl->a_count);
-       ext_acl = (ext2_acl_header *)kmalloc(sizeof(ext2_acl_header) +
-               acl->a_count * sizeof(ext2_acl_entry), GFP_KERNEL);
+       ext_acl = kmalloc(sizeof(ext2_acl_header) + acl->a_count *
+                       sizeof(ext2_acl_entry), GFP_KERNEL);
        if (!ext_acl)
                return ERR_PTR(-ENOMEM);
        ext_acl->a_version = cpu_to_le32(EXT2_ACL_VERSION);
@@ -149,7 +150,7 @@ ext2_iset_acl(struct inode *inode, struct posix_acl **i_acl,
 }
 
 /*
- * inode->i_sem: don't care
+ * inode->i_mutex: don't care
  */
 static struct posix_acl *
 ext2_get_acl(struct inode *inode, int type)
@@ -211,7 +212,7 @@ ext2_get_acl(struct inode *inode, int type)
 }
 
 /*
- * inode->i_sem: down
+ * inode->i_mutex: down
  */
 static int
 ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
@@ -219,7 +220,7 @@ ext2_set_acl(struct inode *inode, int type, struct posix_acl *acl)
        struct ext2_inode_info *ei = EXT2_I(inode);
        int name_index;
        void *value = NULL;
-       size_t size;
+       size_t size = 0;
        int error;
 
        if (S_ISLNK(inode->i_mode))
@@ -301,8 +302,8 @@ ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
 /*
  * Initialize the ACLs of a new inode. Called from ext2_new_inode.
  *
- * dir->i_sem: down
- * inode->i_sem: up (access to inode is still exclusive)
+ * dir->i_mutex: down
+ * inode->i_mutex: up (access to inode is still exclusive)
  */
 int
 ext2_init_acl(struct inode *inode, struct inode *dir)
@@ -361,7 +362,7 @@ cleanup:
  * for directories) are added. There are no more bits available in the
  * file mode.
  *
- * inode->i_sem: down
+ * inode->i_mutex: down
  */
 int
 ext2_acl_chmod(struct inode *inode)
@@ -463,7 +464,7 @@ ext2_xattr_set_acl(struct inode *inode, int type, const void *value,
 
        if (!test_opt(inode->i_sb, POSIX_ACL))
                return -EOPNOTSUPP;
-       if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
+       if (!is_owner_or_cap(inode))
                return -EPERM;
 
        if (value) {