diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:22 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:22 -0500 |
commit | 745ca2475a6ac596e3d8d37c2759c0fbe2586227 (patch) | |
tree | f87c34bdfbc8542477b16a014bbb4e3b415b286a /include/linux | |
parent | 88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13 (diff) |
CRED: Pass credentials through dentry_open()
Pass credentials through dentry_open() so that the COW creds patch can have
SELinux's flush_unauthorized_files() pass the appropriate creds back to itself
when it opens its null chardev.
The security_dentry_open() call also now takes a creds pointer, as does the
dentry_open hook in struct security_operations.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/fs.h | 4 | ||||
-rw-r--r-- | include/linux/security.h | 7 |
2 files changed, 7 insertions, 4 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index b3d404aaabed..3bfec1327b8d 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h | |||
@@ -315,6 +315,7 @@ struct poll_table_struct; | |||
315 | struct kstatfs; | 315 | struct kstatfs; |
316 | struct vm_area_struct; | 316 | struct vm_area_struct; |
317 | struct vfsmount; | 317 | struct vfsmount; |
318 | struct cred; | ||
318 | 319 | ||
319 | extern void __init inode_init(void); | 320 | extern void __init inode_init(void); |
320 | extern void __init inode_init_early(void); | 321 | extern void __init inode_init_early(void); |
@@ -1673,7 +1674,8 @@ extern int do_truncate(struct dentry *, loff_t start, unsigned int time_attrs, | |||
1673 | extern long do_sys_open(int dfd, const char __user *filename, int flags, | 1674 | extern long do_sys_open(int dfd, const char __user *filename, int flags, |
1674 | int mode); | 1675 | int mode); |
1675 | extern struct file *filp_open(const char *, int, int); | 1676 | extern struct file *filp_open(const char *, int, int); |
1676 | extern struct file * dentry_open(struct dentry *, struct vfsmount *, int); | 1677 | extern struct file * dentry_open(struct dentry *, struct vfsmount *, int, |
1678 | const struct cred *); | ||
1677 | extern int filp_close(struct file *, fl_owner_t id); | 1679 | extern int filp_close(struct file *, fl_owner_t id); |
1678 | extern char * getname(const char __user *); | 1680 | extern char * getname(const char __user *); |
1679 | 1681 | ||
diff --git a/include/linux/security.h b/include/linux/security.h index 9239cc11eb9c..7e9fe046a0d1 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -1402,7 +1402,7 @@ struct security_operations { | |||
1402 | int (*file_send_sigiotask) (struct task_struct *tsk, | 1402 | int (*file_send_sigiotask) (struct task_struct *tsk, |
1403 | struct fown_struct *fown, int sig); | 1403 | struct fown_struct *fown, int sig); |
1404 | int (*file_receive) (struct file *file); | 1404 | int (*file_receive) (struct file *file); |
1405 | int (*dentry_open) (struct file *file); | 1405 | int (*dentry_open) (struct file *file, const struct cred *cred); |
1406 | 1406 | ||
1407 | int (*task_create) (unsigned long clone_flags); | 1407 | int (*task_create) (unsigned long clone_flags); |
1408 | int (*cred_alloc_security) (struct cred *cred); | 1408 | int (*cred_alloc_security) (struct cred *cred); |
@@ -1658,7 +1658,7 @@ int security_file_set_fowner(struct file *file); | |||
1658 | int security_file_send_sigiotask(struct task_struct *tsk, | 1658 | int security_file_send_sigiotask(struct task_struct *tsk, |
1659 | struct fown_struct *fown, int sig); | 1659 | struct fown_struct *fown, int sig); |
1660 | int security_file_receive(struct file *file); | 1660 | int security_file_receive(struct file *file); |
1661 | int security_dentry_open(struct file *file); | 1661 | int security_dentry_open(struct file *file, const struct cred *cred); |
1662 | int security_task_create(unsigned long clone_flags); | 1662 | int security_task_create(unsigned long clone_flags); |
1663 | int security_cred_alloc(struct cred *cred); | 1663 | int security_cred_alloc(struct cred *cred); |
1664 | void security_cred_free(struct cred *cred); | 1664 | void security_cred_free(struct cred *cred); |
@@ -2171,7 +2171,8 @@ static inline int security_file_receive(struct file *file) | |||
2171 | return 0; | 2171 | return 0; |
2172 | } | 2172 | } |
2173 | 2173 | ||
2174 | static inline int security_dentry_open(struct file *file) | 2174 | static inline int security_dentry_open(struct file *file, |
2175 | const struct cred *cred) | ||
2175 | { | 2176 | { |
2176 | return 0; | 2177 | return 0; |
2177 | } | 2178 | } |