apparmor/kernel-patches/2.6.24/parent-permission.diff

From: Andreas Gruenbacher <agruen@suse.de>
Subject: Allow permission functions to tell between parent and leaf checks

Set the LOOKUP_CONTINUE flag when checking parent permissions. This allows
permission functions to tell between parent and leaf checks.

Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>

---
 fs/namei.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1508,6 +1508,8 @@ static inline int may_create(struct inod
 		return -EEXIST;
 	if (IS_DEADDIR(dir))
 		return -ENOENT;
+	if (nd)
+		nd->flags |= LOOKUP_CONTINUE;
 	return permission(dir,MAY_WRITE | MAY_EXEC, nd);
 }
add 2.6.24 branch 2008-05-27 11:55:58 +00:00			`From: Andreas Gruenbacher <agruen@suse.de>`
			`Subject: Allow permission functions to tell between parent and leaf checks`

			`Set the LOOKUP_CONTINUE flag when checking parent permissions. This allows`
			`permission functions to tell between parent and leaf checks.`

			`Signed-off-by: Andreas Gruenbacher <agruen@suse.de>`
			`Signed-off-by: John Johansen <jjohansen@suse.de>`

			`---`
			`fs/namei.c \| 2 ++`
			`1 file changed, 2 insertions(+)`

			`--- a/fs/namei.c`
			`+++ b/fs/namei.c`
			`@@ -1508,6 +1508,8 @@ static inline int may_create(struct inod`
			`return -EEXIST;`
			`if (IS_DEADDIR(dir))`
			`return -ENOENT;`
			`+ if (nd)`
			`+ nd->flags \|= LOOKUP_CONTINUE;`
			`return permission(dir,MAY_WRITE \| MAY_EXEC, nd);`
			`}`