[patch 10/15] security: pass path to inode_getxattr
From: Miklos Szeredi
Date: Thu May 29 2008 - 09:53:04 EST
From: Miklos Szeredi <mszeredi@xxxxxxx>
In the inode_getxattr() security operation and related functions pass
the path (vfsmount + dentry) instead of the dentry. AppArmor will need
this.
Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxx>
---
fs/xattr.c | 2 +-
include/linux/security.h | 9 ++++-----
security/dummy.c | 2 +-
security/security.c | 6 +++---
security/selinux/hooks.c | 4 ++--
security/smack/smack_lsm.c | 6 +++---
6 files changed, 14 insertions(+), 15 deletions(-)
Index: linux-2.6/include/linux/security.h
===================================================================
--- linux-2.6.orig/include/linux/security.h 2008-05-29 12:20:56.000000000 +0200
+++ linux-2.6/include/linux/security.h 2008-05-29 12:20:57.000000000 +0200
@@ -435,7 +435,7 @@ static inline void security_free_mnt_opt
* @value identified by @name for @dentry.
* @inode_getxattr:
* Check permission before obtaining the extended attributes
- * identified by @name for @dentry.
+ * identified by @name for @path.
* Return 0 if permission is granted.
* @inode_listxattr:
* Check permission before obtaining the list of extended attribute
@@ -1375,7 +1375,7 @@ struct security_operations {
const void *value, size_t size, int flags);
void (*inode_post_setxattr) (struct dentry *dentry, const char *name,
const void *value, size_t size, int flags);
- int (*inode_getxattr) (struct dentry *dentry, const char *name);
+ int (*inode_getxattr) (struct path *path, const char *name);
int (*inode_listxattr) (struct dentry *dentry);
int (*inode_removexattr) (struct dentry *dentry, const char *name);
int (*inode_need_killpriv) (struct dentry *dentry);
@@ -1647,7 +1647,7 @@ int security_inode_setxattr(struct dentr
const void *value, size_t size, int flags);
void security_inode_post_setxattr(struct dentry *dentry, const char *name,
const void *value, size_t size, int flags);
-int security_inode_getxattr(struct dentry *dentry, const char *name);
+int security_inode_getxattr(struct path *path, const char *name);
int security_inode_listxattr(struct dentry *dentry);
int security_inode_removexattr(struct dentry *dentry, const char *name);
int security_inode_need_killpriv(struct dentry *dentry);
@@ -2058,8 +2058,7 @@ static inline void security_inode_post_s
const char *name, const void *value, size_t size, int flags)
{ }
-static inline int security_inode_getxattr(struct dentry *dentry,
- const char *name)
+static inline int security_inode_getxattr(struct path *path, const char *name)
{
return 0;
}
Index: linux-2.6/security/dummy.c
===================================================================
--- linux-2.6.orig/security/dummy.c 2008-05-29 12:20:56.000000000 +0200
+++ linux-2.6/security/dummy.c 2008-05-29 12:20:57.000000000 +0200
@@ -379,7 +379,7 @@ static void dummy_inode_post_setxattr (s
{
}
-static int dummy_inode_getxattr (struct dentry *dentry, const char *name)
+static int dummy_inode_getxattr(struct path *path, const char *name)
{
return 0;
}
Index: linux-2.6/security/security.c
===================================================================
--- linux-2.6.orig/security/security.c 2008-05-29 12:20:56.000000000 +0200
+++ linux-2.6/security/security.c 2008-05-29 12:20:57.000000000 +0200
@@ -509,11 +509,11 @@ void security_inode_post_setxattr(struct
security_ops->inode_post_setxattr(dentry, name, value, size, flags);
}
-int security_inode_getxattr(struct dentry *dentry, const char *name)
+int security_inode_getxattr(struct path *path, const char *name)
{
- if (unlikely(IS_PRIVATE(dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(path->dentry->d_inode)))
return 0;
- return security_ops->inode_getxattr(dentry, name);
+ return security_ops->inode_getxattr(path, name);
}
int security_inode_listxattr(struct dentry *dentry)
Index: linux-2.6/security/selinux/hooks.c
===================================================================
--- linux-2.6.orig/security/selinux/hooks.c 2008-05-29 12:20:56.000000000 +0200
+++ linux-2.6/security/selinux/hooks.c 2008-05-29 12:20:57.000000000 +0200
@@ -2697,9 +2697,9 @@ static void selinux_inode_post_setxattr(
return;
}
-static int selinux_inode_getxattr(struct dentry *dentry, const char *name)
+static int selinux_inode_getxattr(struct path *path, const char *name)
{
- return dentry_has_perm(current, NULL, dentry, FILE__GETATTR);
+ return dentry_has_perm(current, NULL, path->dentry, FILE__GETATTR);
}
static int selinux_inode_listxattr(struct dentry *dentry)
Index: linux-2.6/security/smack/smack_lsm.c
===================================================================
--- linux-2.6.orig/security/smack/smack_lsm.c 2008-05-29 12:20:56.000000000 +0200
+++ linux-2.6/security/smack/smack_lsm.c 2008-05-29 12:20:57.000000000 +0200
@@ -635,14 +635,14 @@ static void smack_inode_post_setxattr(st
/*
* smack_inode_getxattr - Smack check on getxattr
- * @dentry: the object
+ * @path: the object
* @name: unused
*
* Returns 0 if access is permitted, an error code otherwise
*/
-static int smack_inode_getxattr(struct dentry *dentry, const char *name)
+static int smack_inode_getxattr(struct path *path, const char *name)
{
- return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ);
+ return smk_curacc(smk_of_inode(path->dentry->d_inode), MAY_READ);
}
/*
Index: linux-2.6/fs/xattr.c
===================================================================
--- linux-2.6.orig/fs/xattr.c 2008-05-29 12:20:49.000000000 +0200
+++ linux-2.6/fs/xattr.c 2008-05-29 12:20:57.000000000 +0200
@@ -157,7 +157,7 @@ path_getxattr(struct path *path, const c
if (error)
return error;
- error = security_inode_getxattr(dentry, name);
+ error = security_inode_getxattr(path, name);
if (error)
return error;
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/