Merge to Fedora kernel-2.6.17-1.2142_FC4 patched with stable patch-2.6.17.13-vs2...

[linux-2.6.git] / fs / namei.c

diff --git a/fs/namei.c b/fs/namei.c
index 90a0e37..1819223 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -228,13 +228,20 @@ int generic_permission(struct inode *inode, int mask,
        return -EACCES;
 }
 
-static inline int xid_permission(struct inode *inode, int mask, struct nameidata *nd)
+static inline int vx_barrier(struct inode *inode)
 {
        if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN)) {
                vxwprintk(1, "xid=%d did hit the barrier.",
                        vx_current_xid());
-               return -EACCES;
+               return 1;
        }
+       return 0;
+}
+
+static inline int xid_permission(struct inode *inode, int mask, struct nameidata *nd)
+{
+       if (vx_barrier(inode))
+               return -EACCES;
        if (inode->i_xid == 0)
                return 0;
        if (vx_check(inode->i_xid, VX_ADMIN|VX_WATCH|VX_IDENT))
@@ -426,6 +433,8 @@ static int exec_permission_lite(struct inode *inode,
 {
        umode_t mode = inode->i_mode;
 
+       if (vx_barrier(inode))
+               return -EACCES;
        if (inode->i_op && inode->i_op->permission)
                return -EAGAIN;
 
@@ -2637,7 +2646,6 @@ int vfs_follow_link(struct nameidata *nd, const char *link)
        return __vfs_follow_link(nd, link);
 }
 
-
 /* get the link contents into pagecache */
 static char *page_getlink(struct dentry * dentry, struct page **ppage)
 {