PKGBUILDs/core/kernel26-lts/linux-2.6.27.9-ext4-cap-check-delay.patch
2009-10-09 21:17:35 -05:00

34 lines
1.3 KiB
Diff

Safer version of upstream commit a996031c87e093017c0763326a08896a3a4817f4
Delay capable() checks to avoid (most) AVC denials when checking free blocks
(Bug 478299 - AVC denials on kernel 2.6.27.9-159.fc10.x86_64)
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
---
Index: linux-2.6.27.noarch/fs/ext4/balloc.c
===================================================================
--- linux-2.6.27.noarch.orig/fs/ext4/balloc.c 2009-01-06 14:49:05.625574969 -0600
+++ linux-2.6.27.noarch/fs/ext4/balloc.c 2009-01-06 14:49:19.181637281 -0600
@@ -1612,15 +1612,15 @@ out:
ext4_fsblk_t ext4_has_free_blocks(struct ext4_sb_info *sbi,
ext4_fsblk_t nblocks)
{
- ext4_fsblk_t free_blocks;
- ext4_fsblk_t root_blocks = 0;
+ ext4_fsblk_t free_blocks, root_blocks;
free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
+ root_blocks = ext4_r_blocks_count(sbi->s_es);
- if (!capable(CAP_SYS_RESOURCE) &&
- sbi->s_resuid != current->fsuid &&
- (sbi->s_resgid == 0 || !in_group_p(sbi->s_resgid)))
- root_blocks = ext4_r_blocks_count(sbi->s_es);
+ if (sbi->s_resuid == current->fsuid ||
+ ((sbi->s_resgid != 0) && in_group_p(sbi->s_resgid)) ||
+ capable(CAP_SYS_RESOURCE))
+ root_blocks = 0;
#ifdef CONFIG_SMP
if (free_blocks - root_blocks < FBC_BATCH)
free_blocks =