| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Jun 2024 14:03:59 +0200 From: Mateusz Guzik <mjguzik@...il.com> To: brauner@...nel.org Cc: viro@...iv.linux.org.uk, jack@...e.cz, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, Mateusz Guzik <mjguzik@...il.com> Subject: [PATCH] vfs: reorder checks in may_create_in_sticky The routine is called for all directories on file creation and weirdly postpones the check if the dir is sticky to begin with. Instead it first checks fifos and regular files (in that order), while avoidably pulling globals. No functional changes. Signed-off-by: Mateusz Guzik <mjguzik@...il.com> --- fs/namei.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index 63d1fb06da6b..b1600060ecfb 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1246,9 +1246,9 @@ static int may_create_in_sticky(struct mnt_idmap *idmap, umode_t dir_mode = nd->dir_mode; vfsuid_t dir_vfsuid = nd->dir_vfsuid; - if ((!sysctl_protected_fifos && S_ISFIFO(inode->i_mode)) || - (!sysctl_protected_regular && S_ISREG(inode->i_mode)) || - likely(!(dir_mode & S_ISVTX)) || + if (likely(!(dir_mode & S_ISVTX)) || + (S_ISREG(inode->i_mode) && !sysctl_protected_regular) || + (S_ISFIFO(inode->i_mode) && !sysctl_protected_fifos) || vfsuid_eq(i_uid_into_vfsuid(idmap, inode), dir_vfsuid) || vfsuid_eq_kuid(i_uid_into_vfsuid(idmap, inode), current_fsuid())) return 0; -- 2.43.0
Powered by blists - more mailing lists