switch flush_unauthorized_files() to replace_fd()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 15 insertions, 32 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6c77f63c7591..00b50113642d 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2126,8 +2126,6 @@ static inline void flush_unauthorized_files(const struct cred *cred,
         spin_lock(&files->file_lock);
         for (;;) {
                 unsigned long set, i;
-                int fd;
-
                 j++;
                 i = j * BITS_PER_LONG;
                 fdt = files_fdtable(files);
@@ -2138,38 +2136,23 @@ static inline void flush_unauthorized_files(const struct cred *cred,
                         continue;
                 spin_unlock(&files->file_lock);
                 for ( ; set ; i++, set >>= 1) {
-                        if (set & 1) {
-                                file = fget(i);
-                                if (!file)
-                                        continue;
-                                if (file_has_perm(cred,
-                                                  file,
-                                                  file_to_av(file))) {
-                                        sys_close(i);
-                                        fd = get_unused_fd();
-                                        if (fd != i) {
-                                                if (fd >= 0)
-                                                        put_unused_fd(fd);
-                                                fput(file);
-                                                continue;
-                                        }
-                                        if (devnull) {
-                                                get_file(devnull);
-                                        } else {
-                                                devnull = dentry_open(
-                                                        &selinux_null,
-                                                        O_RDWR, cred);
-                                                if (IS_ERR(devnull)) {
-                                                        devnull = NULL;
-                                                        put_unused_fd(fd);
-                                                        fput(file);
-                                                        continue;
-                                                }
-                                        }
-                                        fd_install(fd, devnull);
+                        if (!(set & 1))
+                                continue;
+                        file = fget(i);
+                        if (!file)
+                                continue;
+                        if (file_has_perm(cred, file, file_to_av(file))) {
+                                if (devnull) {
+                                        get_file(devnull);
+                                } else {
+                                        devnull = dentry_open(&selinux_null,
+                                                                O_RDWR, cred);
+                                        if (IS_ERR(devnull))
+                                                devnull = NULL;
                                 }
-                                fput(file);
+                                replace_fd(i, devnull, 0);
                         }
+                        fput(file);
                 }
                 spin_lock(&files->file_lock);