[PATCH] fs: fix xattr permission checking error
From: Nicolas Belouin
Date: Sat Oct 21 2017 - 09:39:04 EST
Fix an issue making trusted xattr world readable and other
cap_sys_admin only
Signed-off-by: Nicolas Belouin <nicolas@xxxxxxxxxx>
---
fs/hfsplus/xattr.c | 2 +-
fs/jfs/xattr.c | 5 ++---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c
index d37bb88dc746..ae03a19196ef 100644
--- a/fs/hfsplus/xattr.c
+++ b/fs/hfsplus/xattr.c
@@ -604,7 +604,7 @@ static inline int can_list(const char *xattr_name)
if (!xattr_name)
return 0;
- return strncmp(xattr_name, XATTR_TRUSTED_PREFIX,
+ return !strncmp(xattr_name, XATTR_TRUSTED_PREFIX,
XATTR_TRUSTED_PREFIX_LEN) ||
capable(CAP_SYS_ADMIN);
}
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index c60f3d32ee91..1c46573a96ed 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -858,9 +858,8 @@ ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data,
*/
static inline int can_list(struct jfs_ea *ea)
{
- return (strncmp(ea->name, XATTR_TRUSTED_PREFIX,
- XATTR_TRUSTED_PREFIX_LEN) ||
- capable(CAP_SYS_ADMIN));
+ return (!strncmp(ea->name, XATTR_TRUSTED_PREFIX,
+ XATTR_TRUSTED_PREFIX_LEN) || capable(CAP_SYS_ADMIN));
}
ssize_t jfs_listxattr(struct dentry * dentry, char *data, size_t buf_size)
--
2.14.2