v2.4.9.8 -> v2.4.9.9

  - Greg KH: start migration to new "min()/max()"
  - Roman Zippel: move affs over to "min()/max()".
  - Vojtech Pavlik: VIA update (make sure not to IRQ-unmask a vt82c576)
  - Jan Kara: quota bug-fix (don't decrement quota for non-counted inode)
  - Anton Altaparmakov: more NTFS updates
  - Al Viro: make nosuid/noexec/nodev be per-mount flags, not per-filesystem
  - Alan Cox: merge input/joystick layer differences, driver and alpha merge
  - Keith Owens: scsi Makefile cleanup
  - Trond Myklebust: fix oopsable race in locking code
  - Jean Tourrilhes: IrDA update

1 files changed, 7 insertions, 3 deletions

diff --git a/fs/exec.c b/fs/exec.c
index 33177a7f60d3..1cbaaae663ca 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -347,7 +347,8 @@ struct file *open_exec(const char *name)
 	if (!err) {
 		inode = nd.dentry->d_inode;
 		file = ERR_PTR(-EACCES);
-		if (!IS_NOEXEC(inode) && S_ISREG(inode->i_mode)) {
+		if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
+		    S_ISREG(inode->i_mode)) {
 			int err = permission(inode, MAY_EXEC);
 			file = ERR_PTR(err);
 			if (!err) {
@@ -607,7 +608,10 @@ int prepare_binprm(struct linux_binprm *bprm)
 	struct inode * inode = bprm->file->f_dentry->d_inode;
 
 	mode = inode->i_mode;
-	/* Huh? We had already checked for MAY_EXEC, WTF do we check this? */
+	/*
+	 * Check execute perms again - if the caller has CAP_DAC_OVERRIDE,
+	 * vfs_permission lets a non-executable through
+	 */
 	if (!(mode & 0111))	/* with at least _one_ execute bit set */
 		return -EACCES;
 	if (bprm->file->f_op == NULL)
@@ -616,7 +620,7 @@ int prepare_binprm(struct linux_binprm *bprm)
 	bprm->e_uid = current->euid;
 	bprm->e_gid = current->egid;
 
-	if(!IS_NOSUID(inode)) {
+	if(!(bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID)) {
 		/* Set-uid? */
 		if (mode & S_ISUID)
 			bprm->e_uid = inode->i_uid;