jffs2: Add missing capability check for listing trusted xattrs

The vfs checks if a task has the appropriate access for get and set
operations, but it cannot do that for the list operation; the file system
must check for that itself.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: linux-mtd@lists.infradead.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/fs/jffs2/xattr_trusted.c b/fs/jffs2/xattr_trusted.c
index ceaf9c693225b44edeb5bb3bddea534c1b62ad51..bbd20c16090ee9074e4dfa71540a17f71f02bd2a 100644 (file)
--- a/fs/jffs2/xattr_trusted.c
+++ b/fs/jffs2/xattr_trusted.c
@@ -39,6 +39,9 @@ static size_t jffs2_trusted_listxattr(struct dentry *dentry, char *list,
 {
        size_t retlen = XATTR_TRUSTED_PREFIX_LEN + name_len + 1;
 
+       if (!capable(CAP_SYS_ADMIN))
+               return 0;
+
        if (list && retlen<=list_size) {
                strcpy(list, XATTR_TRUSTED_PREFIX);
                strcpy(list + XATTR_TRUSTED_PREFIX_LEN, name);