diff options
author | David Howells <dhowells@redhat.com> | 2006-07-30 14:58:27 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2006-09-22 23:24:38 -0400 |
commit | 738a35195941ecf604d3070e2a053e1df3de350b (patch) | |
tree | dd85dd6e48fad4a041d26ef6c36c4dd08537161f | |
parent | 27ba851244f627a302d0fc6469d1ad413fc34fcb (diff) |
NFS: Secure the roots of the NFS subtrees in a shared superblock
Invoke security_d_instantiate() on root dentries after allocating them with
dentry_alloc_anon(). Normally dentry_alloc_root() would do that, but we don't
call that as we don't want to assign a name to the root dentry at this point
(we may discover the real name later).
Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
-rw-r--r-- | fs/nfs/getroot.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/nfs/getroot.c b/fs/nfs/getroot.c index 977e59088eeb..76b08ae9ed82 100644 --- a/fs/nfs/getroot.c +++ b/fs/nfs/getroot.c | |||
@@ -33,6 +33,7 @@ | |||
33 | #include <linux/vfs.h> | 33 | #include <linux/vfs.h> |
34 | #include <linux/namei.h> | 34 | #include <linux/namei.h> |
35 | #include <linux/namespace.h> | 35 | #include <linux/namespace.h> |
36 | #include <linux/security.h> | ||
36 | 37 | ||
37 | #include <asm/system.h> | 38 | #include <asm/system.h> |
38 | #include <asm/uaccess.h> | 39 | #include <asm/uaccess.h> |
@@ -109,6 +110,8 @@ struct dentry *nfs_get_root(struct super_block *sb, struct nfs_fh *mntfh) | |||
109 | return ERR_PTR(-ENOMEM); | 110 | return ERR_PTR(-ENOMEM); |
110 | } | 111 | } |
111 | 112 | ||
113 | security_d_instantiate(mntroot, inode); | ||
114 | |||
112 | if (!mntroot->d_op) | 115 | if (!mntroot->d_op) |
113 | mntroot->d_op = server->nfs_client->rpc_ops->dentry_ops; | 116 | mntroot->d_op = server->nfs_client->rpc_ops->dentry_ops; |
114 | 117 | ||
@@ -296,6 +299,8 @@ struct dentry *nfs4_get_root(struct super_block *sb, struct nfs_fh *mntfh) | |||
296 | return ERR_PTR(-ENOMEM); | 299 | return ERR_PTR(-ENOMEM); |
297 | } | 300 | } |
298 | 301 | ||
302 | security_d_instantiate(mntroot, inode); | ||
303 | |||
299 | if (!mntroot->d_op) | 304 | if (!mntroot->d_op) |
300 | mntroot->d_op = server->nfs_client->rpc_ops->dentry_ops; | 305 | mntroot->d_op = server->nfs_client->rpc_ops->dentry_ops; |
301 | 306 | ||