f2fs: set pin_file under CAP_SYS_ADMIN

Android uses pin_file for uncrypt during OTA, and that should be managed by
CAP_SYS_ADMIN only.

Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
This commit is contained in:
Jaegeuk Kim 2019-03-13 16:15:08 -07:00
parent aadcef64b2
commit aff7b628ac

View File

@ -2873,8 +2873,8 @@ static int f2fs_ioc_set_pin_file(struct file *filp, unsigned long arg)
__u32 pin;
int ret = 0;
if (!inode_owner_or_capable(inode))
return -EACCES;
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
if (get_user(pin, (__u32 __user *)arg))
return -EFAULT;