aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAl Viro2011-06-20 19:38:15 -0400
committerAl Viro2011-07-20 01:43:26 -0400
commite74f71eb78a4a8b9eaf1bc65f20f761648e85f76 (patch)
tree7bc7fc1344f5ed6e3ce8132b36125ef5cec6407c
parent10556cb21a0d0b24d95f00ea6df16f599a3345b2 (diff)
->permission() sanitizing: don't pass flags to ->inode_permission()
pass that via mask instead. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--include/linux/security.h2
-rw-r--r--security/capability.c2
-rw-r--r--security/security.c7
-rw-r--r--security/selinux/hooks.c5
-rw-r--r--security/smack/smack_lsm.c5
5 files changed, 13 insertions, 8 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 8ce59ef3e5af..ca02f1716736 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1456,7 +1456,7 @@ struct security_operations {
struct inode *new_dir, struct dentry *new_dentry);
int (*inode_readlink) (struct dentry *dentry);
int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
- int (*inode_permission) (struct inode *inode, int mask, unsigned flags);
+ int (*inode_permission) (struct inode *inode, int mask);
int (*inode_setattr) (struct dentry *dentry, struct iattr *attr);
int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
int (*inode_setxattr) (struct dentry *dentry, const char *name,
diff --git a/security/capability.c b/security/capability.c
index bbb51156261b..2984ea4f776f 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -181,7 +181,7 @@ static int cap_inode_follow_link(struct dentry *dentry,
return 0;
}
-static int cap_inode_permission(struct inode *inode, int mask, unsigned flags)
+static int cap_inode_permission(struct inode *inode, int mask)
{
return 0;
}
diff --git a/security/security.c b/security/security.c
index 4ba6d4cc061f..db3b750da353 100644
--- a/security/security.c
+++ b/security/security.c
@@ -518,14 +518,17 @@ int security_inode_permission(struct inode *inode, int mask)
{
if (unlikely(IS_PRIVATE(inode)))
return 0;
- return security_ops->inode_permission(inode, mask, 0);
+ return security_ops->inode_permission(inode, mask);
}
int security_inode_exec_permission(struct inode *inode, unsigned int flags)
{
+ int mask = MAY_EXEC;
if (unlikely(IS_PRIVATE(inode)))
return 0;
- return security_ops->inode_permission(inode, MAY_EXEC, flags);
+ if (flags)
+ mask |= MAY_NOT_BLOCK;
+ return security_ops->inode_permission(inode, mask);
}
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 20219ef5439a..47a059fff344 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2659,12 +2659,13 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na
return dentry_has_perm(cred, dentry, FILE__READ);
}
-static int selinux_inode_permission(struct inode *inode, int mask, unsigned flags)
+static int selinux_inode_permission(struct inode *inode, int mask)
{
const struct cred *cred = current_cred();
struct common_audit_data ad;
u32 perms;
bool from_access;
+ unsigned __flags = mask & MAY_NOT_BLOCK ? IPERM_FLAG_RCU : 0;
from_access = mask & MAY_ACCESS;
mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
@@ -2681,7 +2682,7 @@ static int selinux_inode_permission(struct inode *inode, int mask, unsigned flag
perms = file_mask_to_av(inode->i_mode, mask);
- return inode_has_perm(cred, inode, perms, &ad, flags);
+ return inode_has_perm(cred, inode, perms, &ad, __flags);
}
static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 9831a39c11f6..f375eb2e1957 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -689,9 +689,10 @@ static int smack_inode_rename(struct inode *old_inode,
*
* Returns 0 if access is permitted, -EACCES otherwise
*/
-static int smack_inode_permission(struct inode *inode, int mask, unsigned flags)
+static int smack_inode_permission(struct inode *inode, int mask)
{
struct smk_audit_info ad;
+ int no_block = mask & MAY_NOT_BLOCK;
mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
/*
@@ -701,7 +702,7 @@ static int smack_inode_permission(struct inode *inode, int mask, unsigned flags)
return 0;
/* May be droppable after audit */
- if (flags & IPERM_FLAG_RCU)
+ if (no_block)
return -ECHILD;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
smk_ad_setfield_u_fs_inode(&ad, inode);