From: Sergio Gelato <Sergio.Gelato@astro.su.se>
Date: Wed, 24 Sep 2014 06:47:24 +0000 (+0200)
Subject: nfsd: Fix ACL null pointer deref
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=9c1304dd819675cb4c85abb9620329a66fb6b849;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git

nfsd: Fix ACL null pointer deref

BugLink: http://bugs.launchpad.net/bugs/1348670

Fix regression introduced in pre-3.14 kernels by cherry-picking
aa07c713ecfc0522916f3cd57ac628ea6127c0ec
(NFSD: Call ->set_acl with a NULL ACL structure if no entries).

The affected code was removed in 3.14 by commit
4ac7249ea5a0ceef9f8269f63f33cc873c3fac61
(nfsd: use get_acl and ->set_acl).
The ->set_acl methods are already able to cope with a NULL argument.

Signed-off-by: Sergio Gelato <Sergio.Gelato@astro.su.se>
[bwh: Rewrite the subject]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Moritz Mühlenhoff <muehlenhoff@univention.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 05b0fb30271..635335702dc 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -508,6 +508,9 @@ set_nfsv4_acl_one(struct dentry *dentry, struct posix_acl *pacl, char *key)
 	char *buf = NULL;
 	int error = 0;
 
+	if (!pacl)
+		return vfs_setxattr(dentry, key, NULL, 0, 0);
+
 	buflen = posix_acl_xattr_size(pacl->a_count);
 	buf = kmalloc(buflen, GFP_KERNEL);
 	error = -ENOMEM;