userns: Kill nsown_capable it makes the wrong thing easy

[~andy/linux] / fs / open.c

diff --git a/fs/open.c b/fs/open.c
index fca72c4d3f17ac13758ac5315e413d749bf7667b..1c9d23f7e683611767cb08d8d6d82150b61727b9 100644 (file)
--- a/fs/open.c
+++ b/fs/open.c
@@ -443,7 +443,7 @@ retry:
                goto dput_and_out;
 
        error = -EPERM;
-       if (!nsown_capable(CAP_SYS_CHROOT))
+       if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT))
                goto dput_and_out;
        error = security_path_chroot(&path);
        if (error)
@@ -840,8 +840,8 @@ static inline int build_open_flags(int flags, umode_t mode, struct open_flags *o
        if (flags & __O_SYNC)
                flags |= O_DSYNC;
 
-       if (flags & O_TMPFILE) {
-               if (!(flags & O_CREAT))
+       if (flags & __O_TMPFILE) {
+               if ((flags & O_TMPFILE_MASK) != O_TMPFILE)
                        return -EINVAL;
                acc_mode = MAY_OPEN | ACC_MODE(flags);
        } else if (flags & O_PATH) {