diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
| commit | 3296ca27f50ecbd71db1d808c7a72d311027f919 (patch) | |
| tree | 833eaa58b2013bda86d4bd95faf6efad7a2d5ca4 /fs/namei.c | |
| parent | e893123c7378192c094747dadec326b7c000c190 (diff) | |
| parent | 73fbad283cfbbcf02939bdbda31fc4a30e729cca (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (44 commits)
nommu: Provide mmap_min_addr definition.
TOMOYO: Add description of lists and structures.
TOMOYO: Remove unused field.
integrity: ima audit dentry_open failure
TOMOYO: Remove unused parameter.
security: use mmap_min_addr indepedently of security models
TOMOYO: Simplify policy reader.
TOMOYO: Remove redundant markers.
SELinux: define audit permissions for audit tree netlink messages
TOMOYO: Remove unused mutex.
tomoyo: avoid get+put of task_struct
smack: Remove redundant initialization.
integrity: nfsd imbalance bug fix
rootplug: Remove redundant initialization.
smack: do not beyond ARRAY_SIZE of data
integrity: move ima_counts_get
integrity: path_check update
IMA: Add __init notation to ima functions
IMA: Minimal IMA policy and boot param for TCB IMA policy
selinux: remove obsolete read buffer limit from sel_read_bool
...
Diffstat (limited to 'fs/namei.c')
| -rw-r--r-- | fs/namei.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c index 967c3db92724..c82805d088e1 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
| @@ -853,7 +853,8 @@ static int __link_path_walk(const char *name, struct nameidata *nd) | |||
| 853 | err = inode_permission(nd->path.dentry->d_inode, | 853 | err = inode_permission(nd->path.dentry->d_inode, |
| 854 | MAY_EXEC); | 854 | MAY_EXEC); |
| 855 | if (!err) | 855 | if (!err) |
| 856 | err = ima_path_check(&nd->path, MAY_EXEC); | 856 | err = ima_path_check(&nd->path, MAY_EXEC, |
| 857 | IMA_COUNT_UPDATE); | ||
| 857 | if (err) | 858 | if (err) |
| 858 | break; | 859 | break; |
| 859 | 860 | ||
| @@ -1515,7 +1516,8 @@ int may_open(struct path *path, int acc_mode, int flag) | |||
| 1515 | return error; | 1516 | return error; |
| 1516 | 1517 | ||
| 1517 | error = ima_path_check(path, | 1518 | error = ima_path_check(path, |
| 1518 | acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC)); | 1519 | acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC), |
| 1520 | IMA_COUNT_UPDATE); | ||
| 1519 | if (error) | 1521 | if (error) |
| 1520 | return error; | 1522 | return error; |
| 1521 | /* | 1523 | /* |