X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=fs%2Fnamei.c;h=181922326a6abdba16c45e1fc959dee304f4245d;hb=34a75f0025b9cf803b6a88db032e6ad6950c9313;hp=90a0e3750e0af7bcba9918fbf61dd67854005031;hpb=43bc926fffd92024b46cafaf7350d669ba9ca884;p=linux-2.6.git

diff --git a/fs/namei.c b/fs/namei.c
index 90a0e3750..181922326 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -228,13 +228,20 @@ int generic_permission(struct inode *inode, int mask,
 	return -EACCES;
 }
 
-static inline int xid_permission(struct inode *inode, int mask, struct nameidata *nd)
+static inline int vx_barrier(struct inode *inode)
 {
 	if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN)) {
 		vxwprintk(1, "xid=%d did hit the barrier.",
 			vx_current_xid());
-		return -EACCES;
+		return 1;
 	}
+	return 0;
+}
+
+static inline int xid_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+	if (vx_barrier(inode))
+		return -EACCES;
 	if (inode->i_xid == 0)
 		return 0;
 	if (vx_check(inode->i_xid, VX_ADMIN|VX_WATCH|VX_IDENT))
@@ -426,6 +433,8 @@ static int exec_permission_lite(struct inode *inode,
 {
 	umode_t	mode = inode->i_mode;
 
+	if (vx_barrier(inode))
+		return -EACCES;
 	if (inode->i_op && inode->i_op->permission)
 		return -EAGAIN;
 
@@ -2637,7 +2646,6 @@ int vfs_follow_link(struct nameidata *nd, const char *link)
 	return __vfs_follow_link(nd, link);
 }
 
-
 /* get the link contents into pagecache */
 static char *page_getlink(struct dentry * dentry, struct page **ppage)
 {