diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:22 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:22 -0500 |
commit | 745ca2475a6ac596e3d8d37c2759c0fbe2586227 (patch) | |
tree | f87c34bdfbc8542477b16a014bbb4e3b415b286a /ipc | |
parent | 88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13 (diff) |
CRED: Pass credentials through dentry_open()
Pass credentials through dentry_open() so that the COW creds patch can have
SELinux's flush_unauthorized_files() pass the appropriate creds back to itself
when it opens its null chardev.
The security_dentry_open() call also now takes a creds pointer, as does the
dentry_open hook in struct security_operations.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'ipc')
-rw-r--r-- | ipc/mqueue.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 1151881ccb9a..d9393f8e4c3e 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c | |||
@@ -594,6 +594,7 @@ static int mq_attr_ok(struct mq_attr *attr) | |||
594 | static struct file *do_create(struct dentry *dir, struct dentry *dentry, | 594 | static struct file *do_create(struct dentry *dir, struct dentry *dentry, |
595 | int oflag, mode_t mode, struct mq_attr __user *u_attr) | 595 | int oflag, mode_t mode, struct mq_attr __user *u_attr) |
596 | { | 596 | { |
597 | const struct cred *cred = current_cred(); | ||
597 | struct mq_attr attr; | 598 | struct mq_attr attr; |
598 | struct file *result; | 599 | struct file *result; |
599 | int ret; | 600 | int ret; |
@@ -618,7 +619,7 @@ static struct file *do_create(struct dentry *dir, struct dentry *dentry, | |||
618 | if (ret) | 619 | if (ret) |
619 | goto out_drop_write; | 620 | goto out_drop_write; |
620 | 621 | ||
621 | result = dentry_open(dentry, mqueue_mnt, oflag); | 622 | result = dentry_open(dentry, mqueue_mnt, oflag, cred); |
622 | /* | 623 | /* |
623 | * dentry_open() took a persistent mnt_want_write(), | 624 | * dentry_open() took a persistent mnt_want_write(), |
624 | * so we can now drop this one. | 625 | * so we can now drop this one. |
@@ -637,8 +638,10 @@ out: | |||
637 | /* Opens existing queue */ | 638 | /* Opens existing queue */ |
638 | static struct file *do_open(struct dentry *dentry, int oflag) | 639 | static struct file *do_open(struct dentry *dentry, int oflag) |
639 | { | 640 | { |
640 | static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | 641 | const struct cred *cred = current_cred(); |
641 | MAY_READ | MAY_WRITE }; | 642 | |
643 | static const int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | ||
644 | MAY_READ | MAY_WRITE }; | ||
642 | 645 | ||
643 | if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) { | 646 | if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) { |
644 | dput(dentry); | 647 | dput(dentry); |
@@ -652,7 +655,7 @@ static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, | |||
652 | return ERR_PTR(-EACCES); | 655 | return ERR_PTR(-EACCES); |
653 | } | 656 | } |
654 | 657 | ||
655 | return dentry_open(dentry, mqueue_mnt, oflag); | 658 | return dentry_open(dentry, mqueue_mnt, oflag, cred); |
656 | } | 659 | } |
657 | 660 | ||
658 | asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, | 661 | asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, |