diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index be5817df0a9d..179dd20bec0a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -1568,8 +1568,15 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1568 | /* Called from d_instantiate or d_splice_alias. */ | 1568 | /* Called from d_instantiate or d_splice_alias. */ |
| 1569 | dentry = dget(opt_dentry); | 1569 | dentry = dget(opt_dentry); |
| 1570 | } else { | 1570 | } else { |
| 1571 | /* Called from selinux_complete_init, try to find a dentry. */ | 1571 | /* |
| 1572 | * Called from selinux_complete_init, try to find a dentry. | ||
| 1573 | * Some filesystems really want a connected one, so try | ||
| 1574 | * that first. We could split SECURITY_FS_USE_XATTR in | ||
| 1575 | * two, depending upon that... | ||
| 1576 | */ | ||
| 1572 | dentry = d_find_alias(inode); | 1577 | dentry = d_find_alias(inode); |
| 1578 | if (!dentry) | ||
| 1579 | dentry = d_find_any_alias(inode); | ||
| 1573 | } | 1580 | } |
| 1574 | if (!dentry) { | 1581 | if (!dentry) { |
| 1575 | /* | 1582 | /* |
| @@ -1674,14 +1681,19 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1674 | if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { | 1681 | if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { |
| 1675 | /* We must have a dentry to determine the label on | 1682 | /* We must have a dentry to determine the label on |
| 1676 | * procfs inodes */ | 1683 | * procfs inodes */ |
| 1677 | if (opt_dentry) | 1684 | if (opt_dentry) { |
| 1678 | /* Called from d_instantiate or | 1685 | /* Called from d_instantiate or |
| 1679 | * d_splice_alias. */ | 1686 | * d_splice_alias. */ |
| 1680 | dentry = dget(opt_dentry); | 1687 | dentry = dget(opt_dentry); |
| 1681 | else | 1688 | } else { |
| 1682 | /* Called from selinux_complete_init, try to | 1689 | /* Called from selinux_complete_init, try to |
| 1683 | * find a dentry. */ | 1690 | * find a dentry. Some filesystems really want |
| 1691 | * a connected one, so try that first. | ||
| 1692 | */ | ||
| 1684 | dentry = d_find_alias(inode); | 1693 | dentry = d_find_alias(inode); |
| 1694 | if (!dentry) | ||
| 1695 | dentry = d_find_any_alias(inode); | ||
| 1696 | } | ||
| 1685 | /* | 1697 | /* |
| 1686 | * This can be hit on boot when a file is accessed | 1698 | * This can be hit on boot when a file is accessed |
| 1687 | * before the policy is loaded. When we load policy we | 1699 | * before the policy is loaded. When we load policy we |