diff options
| author | Jan Blunck <jblunck@suse.de> | 2008-02-14 22:38:33 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2008-02-15 00:17:08 -0500 |
| commit | 44707fdf5938ad269ea5d6c5744d82f6a7328746 (patch) | |
| tree | 7eb1704418eb41b859ad24bc48f6400135474d87 | |
| parent | a03a8a709a0c34b61b7aea1d54a0473a6b941fdb (diff) | |
d_path: Use struct path in struct avc_audit_data
audit_log_d_path() is a d_path() wrapper that is used by the audit code. To
use a struct path in audit_log_d_path() I need to embed it into struct
avc_audit_data.
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Jan Blunck <jblunck@suse.de>
Acked-by: Christoph Hellwig <hch@infradead.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Neil Brown <neilb@suse.de>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| -rw-r--r-- | include/linux/audit.h | 5 | ||||
| -rw-r--r-- | kernel/audit.c | 12 | ||||
| -rw-r--r-- | kernel/auditsc.c | 28 | ||||
| -rw-r--r-- | security/selinux/avc.c | 15 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 28 | ||||
| -rw-r--r-- | security/selinux/include/avc.h | 6 |
6 files changed, 43 insertions, 51 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 97153027207a..2af9ec025015 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -534,8 +534,7 @@ extern void audit_log_n_untrustedstring(struct audit_buffer *ab, | |||
| 534 | const char *string); | 534 | const char *string); |
| 535 | extern void audit_log_d_path(struct audit_buffer *ab, | 535 | extern void audit_log_d_path(struct audit_buffer *ab, |
| 536 | const char *prefix, | 536 | const char *prefix, |
| 537 | struct dentry *dentry, | 537 | struct path *path); |
| 538 | struct vfsmount *vfsmnt); | ||
| 539 | extern void audit_log_lost(const char *message); | 538 | extern void audit_log_lost(const char *message); |
| 540 | /* Private API (for audit.c only) */ | 539 | /* Private API (for audit.c only) */ |
| 541 | extern int audit_filter_user(struct netlink_skb_parms *cb, int type); | 540 | extern int audit_filter_user(struct netlink_skb_parms *cb, int type); |
| @@ -552,7 +551,7 @@ extern int audit_enabled; | |||
| 552 | #define audit_log_hex(a,b,l) do { ; } while (0) | 551 | #define audit_log_hex(a,b,l) do { ; } while (0) |
| 553 | #define audit_log_untrustedstring(a,s) do { ; } while (0) | 552 | #define audit_log_untrustedstring(a,s) do { ; } while (0) |
| 554 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) | 553 | #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) |
| 555 | #define audit_log_d_path(b,p,d,v) do { ; } while (0) | 554 | #define audit_log_d_path(b, p, d) do { ; } while (0) |
| 556 | #define audit_enabled 0 | 555 | #define audit_enabled 0 |
| 557 | #endif | 556 | #endif |
| 558 | #endif | 557 | #endif |
diff --git a/kernel/audit.c b/kernel/audit.c index c8555b180213..783e65701247 100644 --- a/kernel/audit.c +++ b/kernel/audit.c | |||
| @@ -1312,26 +1312,26 @@ void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) | |||
| 1312 | 1312 | ||
| 1313 | /* This is a helper-function to print the escaped d_path */ | 1313 | /* This is a helper-function to print the escaped d_path */ |
| 1314 | void audit_log_d_path(struct audit_buffer *ab, const char *prefix, | 1314 | void audit_log_d_path(struct audit_buffer *ab, const char *prefix, |
| 1315 | struct dentry *dentry, struct vfsmount *vfsmnt) | 1315 | struct path *path) |
| 1316 | { | 1316 | { |
| 1317 | char *p, *path; | 1317 | char *p, *pathname; |
| 1318 | 1318 | ||
| 1319 | if (prefix) | 1319 | if (prefix) |
| 1320 | audit_log_format(ab, " %s", prefix); | 1320 | audit_log_format(ab, " %s", prefix); |
| 1321 | 1321 | ||
| 1322 | /* We will allow 11 spaces for ' (deleted)' to be appended */ | 1322 | /* We will allow 11 spaces for ' (deleted)' to be appended */ |
| 1323 | path = kmalloc(PATH_MAX+11, ab->gfp_mask); | 1323 | pathname = kmalloc(PATH_MAX+11, ab->gfp_mask); |
| 1324 | if (!path) { | 1324 | if (!pathname) { |
| 1325 | audit_log_format(ab, "<no memory>"); | 1325 | audit_log_format(ab, "<no memory>"); |
| 1326 | return; | 1326 | return; |
| 1327 | } | 1327 | } |
| 1328 | p = d_path(dentry, vfsmnt, path, PATH_MAX+11); | 1328 | p = d_path(path->dentry, path->mnt, pathname, PATH_MAX+11); |
| 1329 | if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */ | 1329 | if (IS_ERR(p)) { /* Should never happen since we send PATH_MAX */ |
| 1330 | /* FIXME: can we save some information here? */ | 1330 | /* FIXME: can we save some information here? */ |
| 1331 | audit_log_format(ab, "<too long>"); | 1331 | audit_log_format(ab, "<too long>"); |
| 1332 | } else | 1332 | } else |
| 1333 | audit_log_untrustedstring(ab, p); | 1333 | audit_log_untrustedstring(ab, p); |
| 1334 | kfree(path); | 1334 | kfree(pathname); |
| 1335 | } | 1335 | } |
| 1336 | 1336 | ||
| 1337 | /** | 1337 | /** |
diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 741291a1de0d..ac6d9b23b018 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c | |||
| @@ -208,8 +208,7 @@ struct audit_context { | |||
| 208 | int name_count; | 208 | int name_count; |
| 209 | struct audit_names names[AUDIT_NAMES]; | 209 | struct audit_names names[AUDIT_NAMES]; |
| 210 | char * filterkey; /* key for rule that triggered record */ | 210 | char * filterkey; /* key for rule that triggered record */ |
| 211 | struct dentry * pwd; | 211 | struct path pwd; |
| 212 | struct vfsmount * pwdmnt; | ||
| 213 | struct audit_context *previous; /* For nested syscalls */ | 212 | struct audit_context *previous; /* For nested syscalls */ |
| 214 | struct audit_aux_data *aux; | 213 | struct audit_aux_data *aux; |
| 215 | struct audit_aux_data *aux_pids; | 214 | struct audit_aux_data *aux_pids; |
| @@ -786,12 +785,9 @@ static inline void audit_free_names(struct audit_context *context) | |||
| 786 | __putname(context->names[i].name); | 785 | __putname(context->names[i].name); |
| 787 | } | 786 | } |
| 788 | context->name_count = 0; | 787 | context->name_count = 0; |
| 789 | if (context->pwd) | 788 | path_put(&context->pwd); |
| 790 | dput(context->pwd); | 789 | context->pwd.dentry = NULL; |
| 791 | if (context->pwdmnt) | 790 | context->pwd.mnt = NULL; |
| 792 | mntput(context->pwdmnt); | ||
| 793 | context->pwd = NULL; | ||
| 794 | context->pwdmnt = NULL; | ||
| 795 | } | 791 | } |
| 796 | 792 | ||
| 797 | static inline void audit_free_aux(struct audit_context *context) | 793 | static inline void audit_free_aux(struct audit_context *context) |
| @@ -930,8 +926,7 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk | |||
| 930 | if ((vma->vm_flags & VM_EXECUTABLE) && | 926 | if ((vma->vm_flags & VM_EXECUTABLE) && |
| 931 | vma->vm_file) { | 927 | vma->vm_file) { |
| 932 | audit_log_d_path(ab, "exe=", | 928 | audit_log_d_path(ab, "exe=", |
| 933 | vma->vm_file->f_path.dentry, | 929 | &vma->vm_file->f_path); |
| 934 | vma->vm_file->f_path.mnt); | ||
| 935 | break; | 930 | break; |
| 936 | } | 931 | } |
| 937 | vma = vma->vm_next; | 932 | vma = vma->vm_next; |
| @@ -1341,10 +1336,10 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 1341 | context->target_sid, context->target_comm)) | 1336 | context->target_sid, context->target_comm)) |
| 1342 | call_panic = 1; | 1337 | call_panic = 1; |
| 1343 | 1338 | ||
| 1344 | if (context->pwd && context->pwdmnt) { | 1339 | if (context->pwd.dentry && context->pwd.mnt) { |
| 1345 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); | 1340 | ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); |
| 1346 | if (ab) { | 1341 | if (ab) { |
| 1347 | audit_log_d_path(ab, "cwd=", context->pwd, context->pwdmnt); | 1342 | audit_log_d_path(ab, "cwd=", &context->pwd); |
| 1348 | audit_log_end(ab); | 1343 | audit_log_end(ab); |
| 1349 | } | 1344 | } |
| 1350 | } | 1345 | } |
| @@ -1367,8 +1362,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts | |||
| 1367 | case 0: | 1362 | case 0: |
| 1368 | /* name was specified as a relative path and the | 1363 | /* name was specified as a relative path and the |
| 1369 | * directory component is the cwd */ | 1364 | * directory component is the cwd */ |
| 1370 | audit_log_d_path(ab, " name=", context->pwd, | 1365 | audit_log_d_path(ab, " name=", &context->pwd); |
| 1371 | context->pwdmnt); | ||
| 1372 | break; | 1366 | break; |
| 1373 | default: | 1367 | default: |
| 1374 | /* log the name's directory component */ | 1368 | /* log the name's directory component */ |
| @@ -1695,10 +1689,10 @@ void __audit_getname(const char *name) | |||
| 1695 | context->names[context->name_count].ino = (unsigned long)-1; | 1689 | context->names[context->name_count].ino = (unsigned long)-1; |
| 1696 | context->names[context->name_count].osid = 0; | 1690 | context->names[context->name_count].osid = 0; |
| 1697 | ++context->name_count; | 1691 | ++context->name_count; |
| 1698 | if (!context->pwd) { | 1692 | if (!context->pwd.dentry) { |
| 1699 | read_lock(¤t->fs->lock); | 1693 | read_lock(¤t->fs->lock); |
| 1700 | context->pwd = dget(current->fs->pwd.dentry); | 1694 | context->pwd = current->fs->pwd; |
| 1701 | context->pwdmnt = mntget(current->fs->pwd.mnt); | 1695 | path_get(¤t->fs->pwd); |
| 1702 | read_unlock(¤t->fs->lock); | 1696 | read_unlock(¤t->fs->lock); |
| 1703 | } | 1697 | } |
| 1704 | 1698 | ||
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index e8529e2f51e5..187964e88af1 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
| @@ -568,10 +568,11 @@ void avc_audit(u32 ssid, u32 tsid, | |||
| 568 | audit_log_format(ab, " capability=%d", a->u.cap); | 568 | audit_log_format(ab, " capability=%d", a->u.cap); |
| 569 | break; | 569 | break; |
| 570 | case AVC_AUDIT_DATA_FS: | 570 | case AVC_AUDIT_DATA_FS: |
| 571 | if (a->u.fs.dentry) { | 571 | if (a->u.fs.path.dentry) { |
| 572 | struct dentry *dentry = a->u.fs.dentry; | 572 | struct dentry *dentry = a->u.fs.path.dentry; |
| 573 | if (a->u.fs.mnt) { | 573 | if (a->u.fs.path.mnt) { |
| 574 | audit_log_d_path(ab, "path=", dentry, a->u.fs.mnt); | 574 | audit_log_d_path(ab, "path=", |
| 575 | &a->u.fs.path); | ||
| 575 | } else { | 576 | } else { |
| 576 | audit_log_format(ab, " name="); | 577 | audit_log_format(ab, " name="); |
| 577 | audit_log_untrustedstring(ab, dentry->d_name.name); | 578 | audit_log_untrustedstring(ab, dentry->d_name.name); |
| @@ -626,8 +627,12 @@ void avc_audit(u32 ssid, u32 tsid, | |||
| 626 | case AF_UNIX: | 627 | case AF_UNIX: |
| 627 | u = unix_sk(sk); | 628 | u = unix_sk(sk); |
| 628 | if (u->dentry) { | 629 | if (u->dentry) { |
| 630 | struct path path = { | ||
| 631 | .dentry = u->dentry, | ||
| 632 | .mnt = u->mnt | ||
| 633 | }; | ||
| 629 | audit_log_d_path(ab, "path=", | 634 | audit_log_d_path(ab, "path=", |
| 630 | u->dentry, u->mnt); | 635 | &path); |
| 631 | break; | 636 | break; |
| 632 | } | 637 | } |
| 633 | if (!u->addr) | 638 | if (!u->addr) |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ffeefa3c2c77..75c2e99bfb81 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -1356,8 +1356,8 @@ static inline int dentry_has_perm(struct task_struct *tsk, | |||
| 1356 | struct inode *inode = dentry->d_inode; | 1356 | struct inode *inode = dentry->d_inode; |
| 1357 | struct avc_audit_data ad; | 1357 | struct avc_audit_data ad; |
| 1358 | AVC_AUDIT_DATA_INIT(&ad,FS); | 1358 | AVC_AUDIT_DATA_INIT(&ad,FS); |
| 1359 | ad.u.fs.mnt = mnt; | 1359 | ad.u.fs.path.mnt = mnt; |
| 1360 | ad.u.fs.dentry = dentry; | 1360 | ad.u.fs.path.dentry = dentry; |
| 1361 | return inode_has_perm(tsk, inode, av, &ad); | 1361 | return inode_has_perm(tsk, inode, av, &ad); |
| 1362 | } | 1362 | } |
| 1363 | 1363 | ||
| @@ -1375,15 +1375,12 @@ static int file_has_perm(struct task_struct *tsk, | |||
| 1375 | { | 1375 | { |
| 1376 | struct task_security_struct *tsec = tsk->security; | 1376 | struct task_security_struct *tsec = tsk->security; |
| 1377 | struct file_security_struct *fsec = file->f_security; | 1377 | struct file_security_struct *fsec = file->f_security; |
| 1378 | struct vfsmount *mnt = file->f_path.mnt; | 1378 | struct inode *inode = file->f_path.dentry->d_inode; |
| 1379 | struct dentry *dentry = file->f_path.dentry; | ||
| 1380 | struct inode *inode = dentry->d_inode; | ||
| 1381 | struct avc_audit_data ad; | 1379 | struct avc_audit_data ad; |
| 1382 | int rc; | 1380 | int rc; |
| 1383 | 1381 | ||
| 1384 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1382 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1385 | ad.u.fs.mnt = mnt; | 1383 | ad.u.fs.path = file->f_path; |
| 1386 | ad.u.fs.dentry = dentry; | ||
| 1387 | 1384 | ||
| 1388 | if (tsec->sid != fsec->sid) { | 1385 | if (tsec->sid != fsec->sid) { |
| 1389 | rc = avc_has_perm(tsec->sid, fsec->sid, | 1386 | rc = avc_has_perm(tsec->sid, fsec->sid, |
| @@ -1418,7 +1415,7 @@ static int may_create(struct inode *dir, | |||
| 1418 | sbsec = dir->i_sb->s_security; | 1415 | sbsec = dir->i_sb->s_security; |
| 1419 | 1416 | ||
| 1420 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1417 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1421 | ad.u.fs.dentry = dentry; | 1418 | ad.u.fs.path.dentry = dentry; |
| 1422 | 1419 | ||
| 1423 | rc = avc_has_perm(tsec->sid, dsec->sid, SECCLASS_DIR, | 1420 | rc = avc_has_perm(tsec->sid, dsec->sid, SECCLASS_DIR, |
| 1424 | DIR__ADD_NAME | DIR__SEARCH, | 1421 | DIR__ADD_NAME | DIR__SEARCH, |
| @@ -1476,7 +1473,7 @@ static int may_link(struct inode *dir, | |||
| 1476 | isec = dentry->d_inode->i_security; | 1473 | isec = dentry->d_inode->i_security; |
| 1477 | 1474 | ||
| 1478 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1475 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1479 | ad.u.fs.dentry = dentry; | 1476 | ad.u.fs.path.dentry = dentry; |
| 1480 | 1477 | ||
| 1481 | av = DIR__SEARCH; | 1478 | av = DIR__SEARCH; |
| 1482 | av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME); | 1479 | av |= (kind ? DIR__REMOVE_NAME : DIR__ADD_NAME); |
| @@ -1523,7 +1520,7 @@ static inline int may_rename(struct inode *old_dir, | |||
| 1523 | 1520 | ||
| 1524 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1521 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1525 | 1522 | ||
| 1526 | ad.u.fs.dentry = old_dentry; | 1523 | ad.u.fs.path.dentry = old_dentry; |
| 1527 | rc = avc_has_perm(tsec->sid, old_dsec->sid, SECCLASS_DIR, | 1524 | rc = avc_has_perm(tsec->sid, old_dsec->sid, SECCLASS_DIR, |
| 1528 | DIR__REMOVE_NAME | DIR__SEARCH, &ad); | 1525 | DIR__REMOVE_NAME | DIR__SEARCH, &ad); |
| 1529 | if (rc) | 1526 | if (rc) |
| @@ -1539,7 +1536,7 @@ static inline int may_rename(struct inode *old_dir, | |||
| 1539 | return rc; | 1536 | return rc; |
| 1540 | } | 1537 | } |
| 1541 | 1538 | ||
| 1542 | ad.u.fs.dentry = new_dentry; | 1539 | ad.u.fs.path.dentry = new_dentry; |
| 1543 | av = DIR__ADD_NAME | DIR__SEARCH; | 1540 | av = DIR__ADD_NAME | DIR__SEARCH; |
| 1544 | if (new_dentry->d_inode) | 1541 | if (new_dentry->d_inode) |
| 1545 | av |= DIR__REMOVE_NAME; | 1542 | av |= DIR__REMOVE_NAME; |
| @@ -1918,8 +1915,7 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm) | |||
| 1918 | } | 1915 | } |
| 1919 | 1916 | ||
| 1920 | AVC_AUDIT_DATA_INIT(&ad, FS); | 1917 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 1921 | ad.u.fs.mnt = bprm->file->f_path.mnt; | 1918 | ad.u.fs.path = bprm->file->f_path; |
| 1922 | ad.u.fs.dentry = bprm->file->f_path.dentry; | ||
| 1923 | 1919 | ||
| 1924 | if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) | 1920 | if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) |
| 1925 | newsid = tsec->sid; | 1921 | newsid = tsec->sid; |
| @@ -2315,7 +2311,7 @@ static int selinux_sb_kern_mount(struct super_block *sb, void *data) | |||
| 2315 | return rc; | 2311 | return rc; |
| 2316 | 2312 | ||
| 2317 | AVC_AUDIT_DATA_INIT(&ad,FS); | 2313 | AVC_AUDIT_DATA_INIT(&ad,FS); |
| 2318 | ad.u.fs.dentry = sb->s_root; | 2314 | ad.u.fs.path.dentry = sb->s_root; |
| 2319 | return superblock_has_perm(current, sb, FILESYSTEM__MOUNT, &ad); | 2315 | return superblock_has_perm(current, sb, FILESYSTEM__MOUNT, &ad); |
| 2320 | } | 2316 | } |
| 2321 | 2317 | ||
| @@ -2324,7 +2320,7 @@ static int selinux_sb_statfs(struct dentry *dentry) | |||
| 2324 | struct avc_audit_data ad; | 2320 | struct avc_audit_data ad; |
| 2325 | 2321 | ||
| 2326 | AVC_AUDIT_DATA_INIT(&ad,FS); | 2322 | AVC_AUDIT_DATA_INIT(&ad,FS); |
| 2327 | ad.u.fs.dentry = dentry->d_sb->s_root; | 2323 | ad.u.fs.path.dentry = dentry->d_sb->s_root; |
| 2328 | return superblock_has_perm(current, dentry->d_sb, FILESYSTEM__GETATTR, &ad); | 2324 | return superblock_has_perm(current, dentry->d_sb, FILESYSTEM__GETATTR, &ad); |
| 2329 | } | 2325 | } |
| 2330 | 2326 | ||
| @@ -2587,7 +2583,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, char *name, void *value | |||
| 2587 | return -EPERM; | 2583 | return -EPERM; |
| 2588 | 2584 | ||
| 2589 | AVC_AUDIT_DATA_INIT(&ad,FS); | 2585 | AVC_AUDIT_DATA_INIT(&ad,FS); |
| 2590 | ad.u.fs.dentry = dentry; | 2586 | ad.u.fs.path.dentry = dentry; |
| 2591 | 2587 | ||
| 2592 | rc = avc_has_perm(tsec->sid, isec->sid, isec->sclass, | 2588 | rc = avc_has_perm(tsec->sid, isec->sid, isec->sclass, |
| 2593 | FILE__RELABELFROM, &ad); | 2589 | FILE__RELABELFROM, &ad); |
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 80c28fa6621c..8e23d7a873a4 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h | |||
| @@ -13,6 +13,7 @@ | |||
| 13 | #include <linux/spinlock.h> | 13 | #include <linux/spinlock.h> |
| 14 | #include <linux/init.h> | 14 | #include <linux/init.h> |
| 15 | #include <linux/in6.h> | 15 | #include <linux/in6.h> |
| 16 | #include <linux/path.h> | ||
| 16 | #include <asm/system.h> | 17 | #include <asm/system.h> |
| 17 | #include "flask.h" | 18 | #include "flask.h" |
| 18 | #include "av_permissions.h" | 19 | #include "av_permissions.h" |
| @@ -30,8 +31,6 @@ extern int selinux_enforcing; | |||
| 30 | struct avc_entry; | 31 | struct avc_entry; |
| 31 | 32 | ||
| 32 | struct task_struct; | 33 | struct task_struct; |
| 33 | struct vfsmount; | ||
| 34 | struct dentry; | ||
| 35 | struct inode; | 34 | struct inode; |
| 36 | struct sock; | 35 | struct sock; |
| 37 | struct sk_buff; | 36 | struct sk_buff; |
| @@ -46,8 +45,7 @@ struct avc_audit_data { | |||
| 46 | struct task_struct *tsk; | 45 | struct task_struct *tsk; |
| 47 | union { | 46 | union { |
| 48 | struct { | 47 | struct { |
| 49 | struct vfsmount *mnt; | 48 | struct path path; |
| 50 | struct dentry *dentry; | ||
| 51 | struct inode *inode; | 49 | struct inode *inode; |
| 52 | } fs; | 50 | } fs; |
| 53 | struct { | 51 | struct { |