Commit e4cfa05e authored by Richard Haines's avatar Richard Haines Committed by Paul Moore

selinux: Add xfs quota command types

Add Q_XQUOTAOFF, Q_XQUOTAON and Q_XSETQLIM to trigger filesystem quotamod
permission check.

Add Q_XGETQUOTA, Q_XGETQSTAT, Q_XGETQSTATV and Q_XGETNEXTQUOTA to trigger
filesystem quotaget permission check.
Signed-off-by: default avatarRichard Haines <richard_c_haines@btinternet.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent c3a27611
...@@ -2145,11 +2145,18 @@ static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb) ...@@ -2145,11 +2145,18 @@ static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)
case Q_QUOTAOFF: case Q_QUOTAOFF:
case Q_SETINFO: case Q_SETINFO:
case Q_SETQUOTA: case Q_SETQUOTA:
case Q_XQUOTAOFF:
case Q_XQUOTAON:
case Q_XSETQLIM:
rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL); rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);
break; break;
case Q_GETFMT: case Q_GETFMT:
case Q_GETINFO: case Q_GETINFO:
case Q_GETQUOTA: case Q_GETQUOTA:
case Q_XGETQUOTA:
case Q_XGETQSTAT:
case Q_XGETQSTATV:
case Q_XGETNEXTQUOTA:
rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL); rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);
break; break;
default: default:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment