int
gr_handle_hardlink(const struct dentry *dentry,
const struct vfsmount *mnt,
const struct filename *to)
{
#ifdef CONFIG_GRKERNSEC_LINK
struct inode *inode = d_backing_inode(dentry);
const struct cred *cred = current_cred();
if (grsec_enable_link && !uid_eq(cred->fsuid, inode->i_uid) &&
(!d_is_reg(dentry) || is_privileged_binary(dentry) ||
(inode_permission(inode, MAY_READ | MAY_WRITE))) &&
!capable(CAP_FOWNER) && gr_is_global_nonroot(cred->uid)) {
gr_log_fs_int2_str(GR_DONT_AUDIT, GR_HARDLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid, to->name);
return -EPERM;
}
#endif
return 0;
}
static struct dentry *ovl_d_real(struct dentry *dentry,
const struct inode *inode)
{
struct dentry *real;
/* It's an overlay file */
if (inode && d_inode(dentry) == inode)
return dentry;
if (!d_is_reg(dentry)) {
if (!inode || inode == d_inode(dentry))
return dentry;
goto bug;
}
real = ovl_dentry_upper(dentry);
if (real && (inode == d_inode(real)))
return real;
if (real && !inode && ovl_has_upperdata(d_inode(dentry)))
return real;
real = ovl_dentry_lowerdata(dentry);
if (!real)
goto bug;
/* Handle recursion */
real = d_real(real, inode);
if (!inode || inode == d_inode(real))
return real;
bug:
WARN(1, "ovl_d_real(%pd4, %s:%lu): real dentry not found\n", dentry,
inode ? inode->i_sb->s_id : "NULL", inode ? inode->i_ino : 0);
return dentry;
}
