diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index d1acab931330..b18e06daeffb 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -721,7 +721,7 @@ static int fuse_refresh_attributes(struct inode *inode) * for which the owner of the mount has ptrace privilege. This * excludes processes started by other users, suid or sgid processes. */ -static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) +int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) { if (fc->flags & FUSE_ALLOW_OTHER) return 1; @@ -1005,6 +1005,9 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr) struct fuse_attr_out outarg; int err; + if (!fuse_allow_task(fc, current)) + return -EACCES; + if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { err = inode_change_ok(inode, attr); if (err) @@ -1172,6 +1175,9 @@ static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size) struct fuse_getxattr_out outarg; ssize_t ret; + if (!fuse_allow_task(fc, current)) + return -EACCES; + if (fc->no_listxattr) return -EOPNOTSUPP; diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index 1764506fdd11..e7464b8ebbfb 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -565,3 +565,8 @@ void fuse_ctl_remove_conn(struct fuse_conn *fc); * Is file type valid? */ int fuse_valid_type(int m); + +/** + * Is task allowed to perform filesystem operation? + */ +int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task); diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index fd0735715c14..00bb5a255ded 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -287,6 +287,11 @@ static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf) struct fuse_statfs_out outarg; int err; + if (!fuse_allow_task(fc, current)) { + buf->f_type = FUSE_SUPER_MAGIC; + return 0; + } + req = fuse_get_req(fc); if (IS_ERR(req)) return PTR_ERR(req);