int gr_handle_hardlink(const struct dentry *dentry, const struct vfsmount *mnt, const struct filename *to) { #ifdef CONFIG_GRKERNSEC_LINK struct inode *inode = d_backing_inode(dentry); const struct cred *cred = current_cred(); if (grsec_enable_link && !uid_eq(cred->fsuid, inode->i_uid) && (!d_is_reg(dentry) || is_privileged_binary(dentry) || (inode_permission(inode, MAY_READ | MAY_WRITE))) && !capable(CAP_FOWNER) && gr_is_global_nonroot(cred->uid)) { gr_log_fs_int2_str(GR_DONT_AUDIT, GR_HARDLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid, to->name); return -EPERM; } #endif return 0; }
static struct dentry *ovl_d_real(struct dentry *dentry, const struct inode *inode) { struct dentry *real; /* It's an overlay file */ if (inode && d_inode(dentry) == inode) return dentry; if (!d_is_reg(dentry)) { if (!inode || inode == d_inode(dentry)) return dentry; goto bug; } real = ovl_dentry_upper(dentry); if (real && (inode == d_inode(real))) return real; if (real && !inode && ovl_has_upperdata(d_inode(dentry))) return real; real = ovl_dentry_lowerdata(dentry); if (!real) goto bug; /* Handle recursion */ real = d_real(real, inode); if (!inode || inode == d_inode(real)) return real; bug: WARN(1, "ovl_d_real(%pd4, %s:%lu): real dentry not found\n", dentry, inode ? inode->i_sb->s_id : "NULL", inode ? inode->i_ino : 0); return dentry; }