aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:22 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:22 -0500
commit745ca2475a6ac596e3d8d37c2759c0fbe2586227 (patch)
treef87c34bdfbc8542477b16a014bbb4e3b415b286a /include/linux
parent88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13 (diff)
CRED: Pass credentials through dentry_open()
Pass credentials through dentry_open() so that the COW creds patch can have SELinux's flush_unauthorized_files() pass the appropriate creds back to itself when it opens its null chardev. The security_dentry_open() call also now takes a creds pointer, as does the dentry_open hook in struct security_operations. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/fs.h4
-rw-r--r--include/linux/security.h7
2 files changed, 7 insertions, 4 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index b3d404aaabed..3bfec1327b8d 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -315,6 +315,7 @@ struct poll_table_struct;
315struct kstatfs; 315struct kstatfs;
316struct vm_area_struct; 316struct vm_area_struct;
317struct vfsmount; 317struct vfsmount;
318struct cred;
318 319
319extern void __init inode_init(void); 320extern void __init inode_init(void);
320extern void __init inode_init_early(void); 321extern void __init inode_init_early(void);
@@ -1673,7 +1674,8 @@ extern int do_truncate(struct dentry *, loff_t start, unsigned int time_attrs,
1673extern long do_sys_open(int dfd, const char __user *filename, int flags, 1674extern long do_sys_open(int dfd, const char __user *filename, int flags,
1674 int mode); 1675 int mode);
1675extern struct file *filp_open(const char *, int, int); 1676extern struct file *filp_open(const char *, int, int);
1676extern struct file * dentry_open(struct dentry *, struct vfsmount *, int); 1677extern struct file * dentry_open(struct dentry *, struct vfsmount *, int,
1678 const struct cred *);
1677extern int filp_close(struct file *, fl_owner_t id); 1679extern int filp_close(struct file *, fl_owner_t id);
1678extern char * getname(const char __user *); 1680extern char * getname(const char __user *);
1679 1681
diff --git a/include/linux/security.h b/include/linux/security.h
index 9239cc11eb9c..7e9fe046a0d1 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1402,7 +1402,7 @@ struct security_operations {
1402 int (*file_send_sigiotask) (struct task_struct *tsk, 1402 int (*file_send_sigiotask) (struct task_struct *tsk,
1403 struct fown_struct *fown, int sig); 1403 struct fown_struct *fown, int sig);
1404 int (*file_receive) (struct file *file); 1404 int (*file_receive) (struct file *file);
1405 int (*dentry_open) (struct file *file); 1405 int (*dentry_open) (struct file *file, const struct cred *cred);
1406 1406
1407 int (*task_create) (unsigned long clone_flags); 1407 int (*task_create) (unsigned long clone_flags);
1408 int (*cred_alloc_security) (struct cred *cred); 1408 int (*cred_alloc_security) (struct cred *cred);
@@ -1658,7 +1658,7 @@ int security_file_set_fowner(struct file *file);
1658int security_file_send_sigiotask(struct task_struct *tsk, 1658int security_file_send_sigiotask(struct task_struct *tsk,
1659 struct fown_struct *fown, int sig); 1659 struct fown_struct *fown, int sig);
1660int security_file_receive(struct file *file); 1660int security_file_receive(struct file *file);
1661int security_dentry_open(struct file *file); 1661int security_dentry_open(struct file *file, const struct cred *cred);
1662int security_task_create(unsigned long clone_flags); 1662int security_task_create(unsigned long clone_flags);
1663int security_cred_alloc(struct cred *cred); 1663int security_cred_alloc(struct cred *cred);
1664void security_cred_free(struct cred *cred); 1664void security_cred_free(struct cred *cred);
@@ -2171,7 +2171,8 @@ static inline int security_file_receive(struct file *file)
2171 return 0; 2171 return 0;
2172} 2172}
2173 2173
2174static inline int security_dentry_open(struct file *file) 2174static inline int security_dentry_open(struct file *file,
2175 const struct cred *cred)
2175{ 2176{
2176 return 0; 2177 return 0;
2177} 2178}