aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2010-08-10 14:39:13 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2010-08-10 14:39:13 -0400
commit8c8946f509a494769a8c602b5ed189df01917d39 (patch)
treedfd96bd6ca5ea6803c6d77f65ba37e04f78b2d3b /security/security.c
parent5f248c9c251c60af3403902b26e08de43964ea0b (diff)
parent1968f5eed54ce47bde488fd9a450912e4a2d7138 (diff)
Merge branch 'for-linus' of git://git.infradead.org/users/eparis/notify
* 'for-linus' of git://git.infradead.org/users/eparis/notify: (132 commits) fanotify: use both marks when possible fsnotify: pass both the vfsmount mark and inode mark fsnotify: walk the inode and vfsmount lists simultaneously fsnotify: rework ignored mark flushing fsnotify: remove global fsnotify groups lists fsnotify: remove group->mask fsnotify: remove the global masks fsnotify: cleanup should_send_event fanotify: use the mark in handler functions audit: use the mark in handler functions dnotify: use the mark in handler functions inotify: use the mark in handler functions fsnotify: send fsnotify_mark to groups in event handling functions fsnotify: Exchange list heads instead of moving elements fsnotify: srcu to protect read side of inode and vfsmount locks fsnotify: use an explicit flag to indicate fsnotify_destroy_mark has been called fsnotify: use _rcu functions for mark list traversal fsnotify: place marks on object in order of group memory address vfs/fsnotify: fsnotify_close can delay the final work in fput fsnotify: store struct file not struct path ... Fix up trivial delete/modify conflict in fs/notify/inotify/inotify.c.
Diffstat (limited to 'security/security.c')
-rw-r--r--security/security.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/security/security.c b/security/security.c
index e8c87b8601b4..7461b1bc296c 100644
--- a/security/security.c
+++ b/security/security.c
@@ -619,7 +619,13 @@ void security_inode_getsecid(const struct inode *inode, u32 *secid)
619 619
620int security_file_permission(struct file *file, int mask) 620int security_file_permission(struct file *file, int mask)
621{ 621{
622 return security_ops->file_permission(file, mask); 622 int ret;
623
624 ret = security_ops->file_permission(file, mask);
625 if (ret)
626 return ret;
627
628 return fsnotify_perm(file, mask);
623} 629}
624 630
625int security_file_alloc(struct file *file) 631int security_file_alloc(struct file *file)
@@ -683,7 +689,13 @@ int security_file_receive(struct file *file)
683 689
684int security_dentry_open(struct file *file, const struct cred *cred) 690int security_dentry_open(struct file *file, const struct cred *cred)
685{ 691{
686 return security_ops->dentry_open(file, cred); 692 int ret;
693
694 ret = security_ops->dentry_open(file, cred);
695 if (ret)
696 return ret;
697
698 return fsnotify_perm(file, MAY_OPEN);
687} 699}
688 700
689int security_task_create(unsigned long clone_flags) 701int security_task_create(unsigned long clone_flags)