diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:22 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:22 -0500 |
| commit | 745ca2475a6ac596e3d8d37c2759c0fbe2586227 (patch) | |
| tree | f87c34bdfbc8542477b16a014bbb4e3b415b286a /ipc | |
| parent | 88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13 (diff) | |
CRED: Pass credentials through dentry_open()
Pass credentials through dentry_open() so that the COW creds patch can have
SELinux's flush_unauthorized_files() pass the appropriate creds back to itself
when it opens its null chardev.
The security_dentry_open() call also now takes a creds pointer, as does the
dentry_open hook in struct security_operations.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/mqueue.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 1151881ccb9a..d9393f8e4c3e 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c | |||
| @@ -594,6 +594,7 @@ static int mq_attr_ok(struct mq_attr *attr) | |||
| 594 | static struct file *do_create(struct dentry *dir, struct dentry *dentry, | 594 | static struct file *do_create(struct dentry *dir, struct dentry *dentry, |
| 595 | int oflag, mode_t mode, struct mq_attr __user *u_attr) | 595 | int oflag, mode_t mode, struct mq_attr __user *u_attr) |
| 596 | { | 596 | { |
| 597 | const struct cred *cred = current_cred(); | ||
| 597 | struct mq_attr attr; | 598 | struct mq_attr attr; |
| 598 | struct file *result; | 599 | struct file *result; |
| 599 | int ret; | 600 | int ret; |
| @@ -618,7 +619,7 @@ static struct file *do_create(struct dentry *dir, struct dentry *dentry, | |||
| 618 | if (ret) | 619 | if (ret) |
| 619 | goto out_drop_write; | 620 | goto out_drop_write; |
| 620 | 621 | ||
| 621 | result = dentry_open(dentry, mqueue_mnt, oflag); | 622 | result = dentry_open(dentry, mqueue_mnt, oflag, cred); |
| 622 | /* | 623 | /* |
| 623 | * dentry_open() took a persistent mnt_want_write(), | 624 | * dentry_open() took a persistent mnt_want_write(), |
| 624 | * so we can now drop this one. | 625 | * so we can now drop this one. |
| @@ -637,8 +638,10 @@ out: | |||
| 637 | /* Opens existing queue */ | 638 | /* Opens existing queue */ |
| 638 | static struct file *do_open(struct dentry *dentry, int oflag) | 639 | static struct file *do_open(struct dentry *dentry, int oflag) |
| 639 | { | 640 | { |
| 640 | static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | 641 | const struct cred *cred = current_cred(); |
| 641 | MAY_READ | MAY_WRITE }; | 642 | |
| 643 | static const int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | ||
| 644 | MAY_READ | MAY_WRITE }; | ||
| 642 | 645 | ||
| 643 | if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) { | 646 | if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) { |
| 644 | dput(dentry); | 647 | dput(dentry); |
| @@ -652,7 +655,7 @@ static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | |||
| 652 | return ERR_PTR(-EACCES); | 655 | return ERR_PTR(-EACCES); |
| 653 | } | 656 | } |
| 654 | 657 | ||
| 655 | return dentry_open(dentry, mqueue_mnt, oflag); | 658 | return dentry_open(dentry, mqueue_mnt, oflag, cred); |
| 656 | } | 659 | } |
| 657 | 660 | ||
| 658 | asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, | 661 | asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, |