Don't allow acls which contain unmapped identifiers: they are meaningful for remote file systems only. Signed-off-by: Andreas Gruenbacher <agruenba@xxxxxxxxxx> --- fs/xfs/xfs_richacl.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/xfs/xfs_richacl.c b/fs/xfs/xfs_richacl.c index 73c2d24..4f938b7 100644 --- a/fs/xfs/xfs_richacl.c +++ b/fs/xfs/xfs_richacl.c @@ -77,6 +77,10 @@ xfs_set_richacl(struct inode *inode, struct richacl *acl) if (!acl) return xfs_remove_richacl(inode); + /* Don't allow acls with unmapped identifiers. */ + if (richacl_has_unmapped_identifiers(acl)) + return -EINVAL; + if (richacl_equiv_mode(acl, &mode) == 0) { xfs_set_mode(inode, mode); return xfs_remove_richacl(inode); -- 2.5.0 -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html