diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-08 15:19:57 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-08 15:19:57 -0500 |
commit | 972b2c719990f91eb3b2310d44ef8a2d38955a14 (patch) | |
tree | b25a250ec5bec4b7b6355d214642d8b57c5cab32 /security | |
parent | 02550d61f49266930e674286379d3601006b2893 (diff) | |
parent | c3aa077648e147783a7a53b409578234647db853 (diff) |
Merge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
* 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (165 commits)
reiserfs: Properly display mount options in /proc/mounts
vfs: prevent remount read-only if pending removes
vfs: count unlinked inodes
vfs: protect remounting superblock read-only
vfs: keep list of mounts for each superblock
vfs: switch ->show_options() to struct dentry *
vfs: switch ->show_path() to struct dentry *
vfs: switch ->show_devname() to struct dentry *
vfs: switch ->show_stats to struct dentry *
switch security_path_chmod() to struct path *
vfs: prefer ->dentry->d_sb to ->mnt->mnt_sb
vfs: trim includes a bit
switch mnt_namespace ->root to struct mount
vfs: take /proc/*/mounts and friends to fs/proc_namespace.c
vfs: opencode mntget() mnt_set_mountpoint()
vfs: spread struct mount - remaining argument of next_mnt()
vfs: move fsnotify junk to struct mount
vfs: move mnt_devname
vfs: move mnt_list to struct mount
vfs: switch pnode.h macros to struct mount *
...
Diffstat (limited to 'security')
-rw-r--r-- | security/apparmor/apparmorfs.c | 2 | ||||
-rw-r--r-- | security/apparmor/lsm.c | 11 | ||||
-rw-r--r-- | security/apparmor/path.c | 1 | ||||
-rw-r--r-- | security/capability.c | 13 | ||||
-rw-r--r-- | security/inode.c | 16 | ||||
-rw-r--r-- | security/security.c | 17 | ||||
-rw-r--r-- | security/selinux/hooks.c | 10 | ||||
-rw-r--r-- | security/smack/smack_lsm.c | 4 | ||||
-rw-r--r-- | security/tomoyo/audit.c | 4 | ||||
-rw-r--r-- | security/tomoyo/common.h | 2 | ||||
-rw-r--r-- | security/tomoyo/realpath.c | 9 | ||||
-rw-r--r-- | security/tomoyo/securityfs_if.c | 2 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 15 |
13 files changed, 46 insertions, 60 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 69ddb47787b2..e39df6d43779 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c | |||
@@ -165,7 +165,7 @@ static void __init aafs_remove(const char *name) | |||
165 | * | 165 | * |
166 | * Used aafs_remove to remove entries created with this fn. | 166 | * Used aafs_remove to remove entries created with this fn. |
167 | */ | 167 | */ |
168 | static int __init aafs_create(const char *name, int mask, | 168 | static int __init aafs_create(const char *name, umode_t mask, |
169 | const struct file_operations *fops) | 169 | const struct file_operations *fops) |
170 | { | 170 | { |
171 | struct dentry *dentry; | 171 | struct dentry *dentry; |
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 37832026e58a..2c0a0ff41399 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c | |||
@@ -262,7 +262,7 @@ static int apparmor_path_unlink(struct path *dir, struct dentry *dentry) | |||
262 | } | 262 | } |
263 | 263 | ||
264 | static int apparmor_path_mkdir(struct path *dir, struct dentry *dentry, | 264 | static int apparmor_path_mkdir(struct path *dir, struct dentry *dentry, |
265 | int mode) | 265 | umode_t mode) |
266 | { | 266 | { |
267 | return common_perm_create(OP_MKDIR, dir, dentry, AA_MAY_CREATE, | 267 | return common_perm_create(OP_MKDIR, dir, dentry, AA_MAY_CREATE, |
268 | S_IFDIR); | 268 | S_IFDIR); |
@@ -274,7 +274,7 @@ static int apparmor_path_rmdir(struct path *dir, struct dentry *dentry) | |||
274 | } | 274 | } |
275 | 275 | ||
276 | static int apparmor_path_mknod(struct path *dir, struct dentry *dentry, | 276 | static int apparmor_path_mknod(struct path *dir, struct dentry *dentry, |
277 | int mode, unsigned int dev) | 277 | umode_t mode, unsigned int dev) |
278 | { | 278 | { |
279 | return common_perm_create(OP_MKNOD, dir, dentry, AA_MAY_CREATE, mode); | 279 | return common_perm_create(OP_MKNOD, dir, dentry, AA_MAY_CREATE, mode); |
280 | } | 280 | } |
@@ -344,13 +344,12 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, | |||
344 | return error; | 344 | return error; |
345 | } | 345 | } |
346 | 346 | ||
347 | static int apparmor_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | 347 | static int apparmor_path_chmod(struct path *path, umode_t mode) |
348 | mode_t mode) | ||
349 | { | 348 | { |
350 | if (!mediated_filesystem(dentry->d_inode)) | 349 | if (!mediated_filesystem(path->dentry->d_inode)) |
351 | return 0; | 350 | return 0; |
352 | 351 | ||
353 | return common_perm_mnt_dentry(OP_CHMOD, mnt, dentry, AA_MAY_CHMOD); | 352 | return common_perm_mnt_dentry(OP_CHMOD, path->mnt, path->dentry, AA_MAY_CHMOD); |
354 | } | 353 | } |
355 | 354 | ||
356 | static int apparmor_path_chown(struct path *path, uid_t uid, gid_t gid) | 355 | static int apparmor_path_chown(struct path *path, uid_t uid, gid_t gid) |
diff --git a/security/apparmor/path.c b/security/apparmor/path.c index b566eba4a65c..9d070a7c3ffc 100644 --- a/security/apparmor/path.c +++ b/security/apparmor/path.c | |||
@@ -13,7 +13,6 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include <linux/magic.h> | 15 | #include <linux/magic.h> |
16 | #include <linux/mnt_namespace.h> | ||
17 | #include <linux/mount.h> | 16 | #include <linux/mount.h> |
18 | #include <linux/namei.h> | 17 | #include <linux/namei.h> |
19 | #include <linux/nsproxy.h> | 18 | #include <linux/nsproxy.h> |
diff --git a/security/capability.c b/security/capability.c index 2984ea4f776f..3b5883b7179f 100644 --- a/security/capability.c +++ b/security/capability.c | |||
@@ -125,7 +125,7 @@ static int cap_inode_init_security(struct inode *inode, struct inode *dir, | |||
125 | } | 125 | } |
126 | 126 | ||
127 | static int cap_inode_create(struct inode *inode, struct dentry *dentry, | 127 | static int cap_inode_create(struct inode *inode, struct dentry *dentry, |
128 | int mask) | 128 | umode_t mask) |
129 | { | 129 | { |
130 | return 0; | 130 | return 0; |
131 | } | 131 | } |
@@ -148,7 +148,7 @@ static int cap_inode_symlink(struct inode *inode, struct dentry *dentry, | |||
148 | } | 148 | } |
149 | 149 | ||
150 | static int cap_inode_mkdir(struct inode *inode, struct dentry *dentry, | 150 | static int cap_inode_mkdir(struct inode *inode, struct dentry *dentry, |
151 | int mask) | 151 | umode_t mask) |
152 | { | 152 | { |
153 | return 0; | 153 | return 0; |
154 | } | 154 | } |
@@ -159,7 +159,7 @@ static int cap_inode_rmdir(struct inode *inode, struct dentry *dentry) | |||
159 | } | 159 | } |
160 | 160 | ||
161 | static int cap_inode_mknod(struct inode *inode, struct dentry *dentry, | 161 | static int cap_inode_mknod(struct inode *inode, struct dentry *dentry, |
162 | int mode, dev_t dev) | 162 | umode_t mode, dev_t dev) |
163 | { | 163 | { |
164 | return 0; | 164 | return 0; |
165 | } | 165 | } |
@@ -235,13 +235,13 @@ static void cap_inode_getsecid(const struct inode *inode, u32 *secid) | |||
235 | } | 235 | } |
236 | 236 | ||
237 | #ifdef CONFIG_SECURITY_PATH | 237 | #ifdef CONFIG_SECURITY_PATH |
238 | static int cap_path_mknod(struct path *dir, struct dentry *dentry, int mode, | 238 | static int cap_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, |
239 | unsigned int dev) | 239 | unsigned int dev) |
240 | { | 240 | { |
241 | return 0; | 241 | return 0; |
242 | } | 242 | } |
243 | 243 | ||
244 | static int cap_path_mkdir(struct path *dir, struct dentry *dentry, int mode) | 244 | static int cap_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) |
245 | { | 245 | { |
246 | return 0; | 246 | return 0; |
247 | } | 247 | } |
@@ -279,8 +279,7 @@ static int cap_path_truncate(struct path *path) | |||
279 | return 0; | 279 | return 0; |
280 | } | 280 | } |
281 | 281 | ||
282 | static int cap_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | 282 | static int cap_path_chmod(struct path *path, umode_t mode) |
283 | mode_t mode) | ||
284 | { | 283 | { |
285 | return 0; | 284 | return 0; |
286 | } | 285 | } |
diff --git a/security/inode.c b/security/inode.c index c4df2fbebe6b..90a70a67d835 100644 --- a/security/inode.c +++ b/security/inode.c | |||
@@ -56,7 +56,7 @@ static const struct file_operations default_file_ops = { | |||
56 | .llseek = noop_llseek, | 56 | .llseek = noop_llseek, |
57 | }; | 57 | }; |
58 | 58 | ||
59 | static struct inode *get_inode(struct super_block *sb, int mode, dev_t dev) | 59 | static struct inode *get_inode(struct super_block *sb, umode_t mode, dev_t dev) |
60 | { | 60 | { |
61 | struct inode *inode = new_inode(sb); | 61 | struct inode *inode = new_inode(sb); |
62 | 62 | ||
@@ -85,7 +85,7 @@ static struct inode *get_inode(struct super_block *sb, int mode, dev_t dev) | |||
85 | 85 | ||
86 | /* SMP-safe */ | 86 | /* SMP-safe */ |
87 | static int mknod(struct inode *dir, struct dentry *dentry, | 87 | static int mknod(struct inode *dir, struct dentry *dentry, |
88 | int mode, dev_t dev) | 88 | umode_t mode, dev_t dev) |
89 | { | 89 | { |
90 | struct inode *inode; | 90 | struct inode *inode; |
91 | int error = -ENOMEM; | 91 | int error = -ENOMEM; |
@@ -102,7 +102,7 @@ static int mknod(struct inode *dir, struct dentry *dentry, | |||
102 | return error; | 102 | return error; |
103 | } | 103 | } |
104 | 104 | ||
105 | static int mkdir(struct inode *dir, struct dentry *dentry, int mode) | 105 | static int mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
106 | { | 106 | { |
107 | int res; | 107 | int res; |
108 | 108 | ||
@@ -113,7 +113,7 @@ static int mkdir(struct inode *dir, struct dentry *dentry, int mode) | |||
113 | return res; | 113 | return res; |
114 | } | 114 | } |
115 | 115 | ||
116 | static int create(struct inode *dir, struct dentry *dentry, int mode) | 116 | static int create(struct inode *dir, struct dentry *dentry, umode_t mode) |
117 | { | 117 | { |
118 | mode = (mode & S_IALLUGO) | S_IFREG; | 118 | mode = (mode & S_IALLUGO) | S_IFREG; |
119 | return mknod(dir, dentry, mode, 0); | 119 | return mknod(dir, dentry, mode, 0); |
@@ -145,7 +145,7 @@ static struct file_system_type fs_type = { | |||
145 | .kill_sb = kill_litter_super, | 145 | .kill_sb = kill_litter_super, |
146 | }; | 146 | }; |
147 | 147 | ||
148 | static int create_by_name(const char *name, mode_t mode, | 148 | static int create_by_name(const char *name, umode_t mode, |
149 | struct dentry *parent, | 149 | struct dentry *parent, |
150 | struct dentry **dentry) | 150 | struct dentry **dentry) |
151 | { | 151 | { |
@@ -159,12 +159,12 @@ static int create_by_name(const char *name, mode_t mode, | |||
159 | * have around. | 159 | * have around. |
160 | */ | 160 | */ |
161 | if (!parent) | 161 | if (!parent) |
162 | parent = mount->mnt_sb->s_root; | 162 | parent = mount->mnt_root; |
163 | 163 | ||
164 | mutex_lock(&parent->d_inode->i_mutex); | 164 | mutex_lock(&parent->d_inode->i_mutex); |
165 | *dentry = lookup_one_len(name, parent, strlen(name)); | 165 | *dentry = lookup_one_len(name, parent, strlen(name)); |
166 | if (!IS_ERR(*dentry)) { | 166 | if (!IS_ERR(*dentry)) { |
167 | if ((mode & S_IFMT) == S_IFDIR) | 167 | if (S_ISDIR(mode)) |
168 | error = mkdir(parent->d_inode, *dentry, mode); | 168 | error = mkdir(parent->d_inode, *dentry, mode); |
169 | else | 169 | else |
170 | error = create(parent->d_inode, *dentry, mode); | 170 | error = create(parent->d_inode, *dentry, mode); |
@@ -205,7 +205,7 @@ static int create_by_name(const char *name, mode_t mode, | |||
205 | * If securityfs is not enabled in the kernel, the value %-ENODEV is | 205 | * If securityfs is not enabled in the kernel, the value %-ENODEV is |
206 | * returned. | 206 | * returned. |
207 | */ | 207 | */ |
208 | struct dentry *securityfs_create_file(const char *name, mode_t mode, | 208 | struct dentry *securityfs_create_file(const char *name, umode_t mode, |
209 | struct dentry *parent, void *data, | 209 | struct dentry *parent, void *data, |
210 | const struct file_operations *fops) | 210 | const struct file_operations *fops) |
211 | { | 211 | { |
diff --git a/security/security.c b/security/security.c index e2f684aeb70c..214502c772ab 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -388,7 +388,7 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir, | |||
388 | EXPORT_SYMBOL(security_old_inode_init_security); | 388 | EXPORT_SYMBOL(security_old_inode_init_security); |
389 | 389 | ||
390 | #ifdef CONFIG_SECURITY_PATH | 390 | #ifdef CONFIG_SECURITY_PATH |
391 | int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, | 391 | int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, |
392 | unsigned int dev) | 392 | unsigned int dev) |
393 | { | 393 | { |
394 | if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) | 394 | if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) |
@@ -397,7 +397,7 @@ int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, | |||
397 | } | 397 | } |
398 | EXPORT_SYMBOL(security_path_mknod); | 398 | EXPORT_SYMBOL(security_path_mknod); |
399 | 399 | ||
400 | int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode) | 400 | int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) |
401 | { | 401 | { |
402 | if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) | 402 | if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) |
403 | return 0; | 403 | return 0; |
@@ -454,12 +454,11 @@ int security_path_truncate(struct path *path) | |||
454 | return security_ops->path_truncate(path); | 454 | return security_ops->path_truncate(path); |
455 | } | 455 | } |
456 | 456 | ||
457 | int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | 457 | int security_path_chmod(struct path *path, umode_t mode) |
458 | mode_t mode) | ||
459 | { | 458 | { |
460 | if (unlikely(IS_PRIVATE(dentry->d_inode))) | 459 | if (unlikely(IS_PRIVATE(path->dentry->d_inode))) |
461 | return 0; | 460 | return 0; |
462 | return security_ops->path_chmod(dentry, mnt, mode); | 461 | return security_ops->path_chmod(path, mode); |
463 | } | 462 | } |
464 | 463 | ||
465 | int security_path_chown(struct path *path, uid_t uid, gid_t gid) | 464 | int security_path_chown(struct path *path, uid_t uid, gid_t gid) |
@@ -475,7 +474,7 @@ int security_path_chroot(struct path *path) | |||
475 | } | 474 | } |
476 | #endif | 475 | #endif |
477 | 476 | ||
478 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode) | 477 | int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) |
479 | { | 478 | { |
480 | if (unlikely(IS_PRIVATE(dir))) | 479 | if (unlikely(IS_PRIVATE(dir))) |
481 | return 0; | 480 | return 0; |
@@ -506,7 +505,7 @@ int security_inode_symlink(struct inode *dir, struct dentry *dentry, | |||
506 | return security_ops->inode_symlink(dir, dentry, old_name); | 505 | return security_ops->inode_symlink(dir, dentry, old_name); |
507 | } | 506 | } |
508 | 507 | ||
509 | int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode) | 508 | int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
510 | { | 509 | { |
511 | if (unlikely(IS_PRIVATE(dir))) | 510 | if (unlikely(IS_PRIVATE(dir))) |
512 | return 0; | 511 | return 0; |
@@ -521,7 +520,7 @@ int security_inode_rmdir(struct inode *dir, struct dentry *dentry) | |||
521 | return security_ops->inode_rmdir(dir, dentry); | 520 | return security_ops->inode_rmdir(dir, dentry); |
522 | } | 521 | } |
523 | 522 | ||
524 | int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) | 523 | int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) |
525 | { | 524 | { |
526 | if (unlikely(IS_PRIVATE(dir))) | 525 | if (unlikely(IS_PRIVATE(dir))) |
527 | return 0; | 526 | return 0; |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 86305c2f555a..7cd4c3affac8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -1740,7 +1740,7 @@ static inline u32 file_mask_to_av(int mode, int mask) | |||
1740 | { | 1740 | { |
1741 | u32 av = 0; | 1741 | u32 av = 0; |
1742 | 1742 | ||
1743 | if ((mode & S_IFMT) != S_IFDIR) { | 1743 | if (!S_ISDIR(mode)) { |
1744 | if (mask & MAY_EXEC) | 1744 | if (mask & MAY_EXEC) |
1745 | av |= FILE__EXECUTE; | 1745 | av |= FILE__EXECUTE; |
1746 | if (mask & MAY_READ) | 1746 | if (mask & MAY_READ) |
@@ -2507,7 +2507,7 @@ static int selinux_mount(char *dev_name, | |||
2507 | const struct cred *cred = current_cred(); | 2507 | const struct cred *cred = current_cred(); |
2508 | 2508 | ||
2509 | if (flags & MS_REMOUNT) | 2509 | if (flags & MS_REMOUNT) |
2510 | return superblock_has_perm(cred, path->mnt->mnt_sb, | 2510 | return superblock_has_perm(cred, path->dentry->d_sb, |
2511 | FILESYSTEM__REMOUNT, NULL); | 2511 | FILESYSTEM__REMOUNT, NULL); |
2512 | else | 2512 | else |
2513 | return path_has_perm(cred, path, FILE__MOUNTON); | 2513 | return path_has_perm(cred, path, FILE__MOUNTON); |
@@ -2598,7 +2598,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, | |||
2598 | return 0; | 2598 | return 0; |
2599 | } | 2599 | } |
2600 | 2600 | ||
2601 | static int selinux_inode_create(struct inode *dir, struct dentry *dentry, int mask) | 2601 | static int selinux_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) |
2602 | { | 2602 | { |
2603 | return may_create(dir, dentry, SECCLASS_FILE); | 2603 | return may_create(dir, dentry, SECCLASS_FILE); |
2604 | } | 2604 | } |
@@ -2618,7 +2618,7 @@ static int selinux_inode_symlink(struct inode *dir, struct dentry *dentry, const | |||
2618 | return may_create(dir, dentry, SECCLASS_LNK_FILE); | 2618 | return may_create(dir, dentry, SECCLASS_LNK_FILE); |
2619 | } | 2619 | } |
2620 | 2620 | ||
2621 | static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, int mask) | 2621 | static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) |
2622 | { | 2622 | { |
2623 | return may_create(dir, dentry, SECCLASS_DIR); | 2623 | return may_create(dir, dentry, SECCLASS_DIR); |
2624 | } | 2624 | } |
@@ -2628,7 +2628,7 @@ static int selinux_inode_rmdir(struct inode *dir, struct dentry *dentry) | |||
2628 | return may_link(dir, dentry, MAY_RMDIR); | 2628 | return may_link(dir, dentry, MAY_RMDIR); |
2629 | } | 2629 | } |
2630 | 2630 | ||
2631 | static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) | 2631 | static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) |
2632 | { | 2632 | { |
2633 | return may_create(dir, dentry, inode_mode_to_security_class(mode)); | 2633 | return may_create(dir, dentry, inode_mode_to_security_class(mode)); |
2634 | } | 2634 | } |
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7db62b48eb42..e8af5b0ba80f 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
@@ -406,7 +406,7 @@ static int smack_sb_statfs(struct dentry *dentry) | |||
406 | static int smack_sb_mount(char *dev_name, struct path *path, | 406 | static int smack_sb_mount(char *dev_name, struct path *path, |
407 | char *type, unsigned long flags, void *data) | 407 | char *type, unsigned long flags, void *data) |
408 | { | 408 | { |
409 | struct superblock_smack *sbp = path->mnt->mnt_sb->s_security; | 409 | struct superblock_smack *sbp = path->dentry->d_sb->s_security; |
410 | struct smk_audit_info ad; | 410 | struct smk_audit_info ad; |
411 | 411 | ||
412 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); | 412 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); |
@@ -435,7 +435,7 @@ static int smack_sb_umount(struct vfsmount *mnt, int flags) | |||
435 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); | 435 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); |
436 | smk_ad_setfield_u_fs_path(&ad, path); | 436 | smk_ad_setfield_u_fs_path(&ad, path); |
437 | 437 | ||
438 | sbp = mnt->mnt_sb->s_security; | 438 | sbp = path.dentry->d_sb->s_security; |
439 | return smk_curacc(sbp->smk_floor, MAY_WRITE, &ad); | 439 | return smk_curacc(sbp->smk_floor, MAY_WRITE, &ad); |
440 | } | 440 | } |
441 | 441 | ||
diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c index 075c3a6d1649..5ca47ea3049f 100644 --- a/security/tomoyo/audit.c +++ b/security/tomoyo/audit.c | |||
@@ -112,7 +112,7 @@ out: | |||
112 | * | 112 | * |
113 | * Returns file type string. | 113 | * Returns file type string. |
114 | */ | 114 | */ |
115 | static inline const char *tomoyo_filetype(const mode_t mode) | 115 | static inline const char *tomoyo_filetype(const umode_t mode) |
116 | { | 116 | { |
117 | switch (mode & S_IFMT) { | 117 | switch (mode & S_IFMT) { |
118 | case S_IFREG: | 118 | case S_IFREG: |
@@ -180,7 +180,7 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r) | |||
180 | for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) { | 180 | for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) { |
181 | struct tomoyo_mini_stat *stat; | 181 | struct tomoyo_mini_stat *stat; |
182 | unsigned int dev; | 182 | unsigned int dev; |
183 | mode_t mode; | 183 | umode_t mode; |
184 | if (!obj->stat_valid[i]) | 184 | if (!obj->stat_valid[i]) |
185 | continue; | 185 | continue; |
186 | stat = &obj->stat[i]; | 186 | stat = &obj->stat[i]; |
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index ed311d7a8ce0..deeab7be5b97 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
@@ -564,7 +564,7 @@ struct tomoyo_mini_stat { | |||
564 | uid_t uid; | 564 | uid_t uid; |
565 | gid_t gid; | 565 | gid_t gid; |
566 | ino_t ino; | 566 | ino_t ino; |
567 | mode_t mode; | 567 | umode_t mode; |
568 | dev_t dev; | 568 | dev_t dev; |
569 | dev_t rdev; | 569 | dev_t rdev; |
570 | }; | 570 | }; |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index d9f3ced8756e..80a09c37cac8 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
@@ -4,15 +4,8 @@ | |||
4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION | 4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
5 | */ | 5 | */ |
6 | 6 | ||
7 | #include <linux/types.h> | ||
8 | #include <linux/mount.h> | ||
9 | #include <linux/mnt_namespace.h> | ||
10 | #include <linux/fs_struct.h> | ||
11 | #include <linux/magic.h> | ||
12 | #include <linux/slab.h> | ||
13 | #include <net/sock.h> | ||
14 | #include "common.h" | 7 | #include "common.h" |
15 | #include "../../fs/internal.h" | 8 | #include <linux/magic.h> |
16 | 9 | ||
17 | /** | 10 | /** |
18 | * tomoyo_encode2 - Encode binary string to ascii string. | 11 | * tomoyo_encode2 - Encode binary string to ascii string. |
diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c index 2672ac4f3beb..482b2a5f48f0 100644 --- a/security/tomoyo/securityfs_if.c +++ b/security/tomoyo/securityfs_if.c | |||
@@ -224,7 +224,7 @@ static const struct file_operations tomoyo_operations = { | |||
224 | * | 224 | * |
225 | * Returns nothing. | 225 | * Returns nothing. |
226 | */ | 226 | */ |
227 | static void __init tomoyo_create_entry(const char *name, const mode_t mode, | 227 | static void __init tomoyo_create_entry(const char *name, const umode_t mode, |
228 | struct dentry *parent, const u8 key) | 228 | struct dentry *parent, const u8 key) |
229 | { | 229 | { |
230 | securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, | 230 | securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, |
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 4b327b691745..620d37c159a3 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c | |||
@@ -186,7 +186,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) | |||
186 | * Returns 0 on success, negative value otherwise. | 186 | * Returns 0 on success, negative value otherwise. |
187 | */ | 187 | */ |
188 | static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, | 188 | static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, |
189 | int mode) | 189 | umode_t mode) |
190 | { | 190 | { |
191 | struct path path = { parent->mnt, dentry }; | 191 | struct path path = { parent->mnt, dentry }; |
192 | return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, | 192 | return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, |
@@ -234,7 +234,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, | |||
234 | * Returns 0 on success, negative value otherwise. | 234 | * Returns 0 on success, negative value otherwise. |
235 | */ | 235 | */ |
236 | static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, | 236 | static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, |
237 | int mode, unsigned int dev) | 237 | umode_t mode, unsigned int dev) |
238 | { | 238 | { |
239 | struct path path = { parent->mnt, dentry }; | 239 | struct path path = { parent->mnt, dentry }; |
240 | int type = TOMOYO_TYPE_CREATE; | 240 | int type = TOMOYO_TYPE_CREATE; |
@@ -353,17 +353,14 @@ static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, | |||
353 | /** | 353 | /** |
354 | * tomoyo_path_chmod - Target for security_path_chmod(). | 354 | * tomoyo_path_chmod - Target for security_path_chmod(). |
355 | * | 355 | * |
356 | * @dentry: Pointer to "struct dentry". | 356 | * @path: Pointer to "struct path". |
357 | * @mnt: Pointer to "struct vfsmount". | 357 | * @mode: DAC permission mode. |
358 | * @mode: DAC permission mode. | ||
359 | * | 358 | * |
360 | * Returns 0 on success, negative value otherwise. | 359 | * Returns 0 on success, negative value otherwise. |
361 | */ | 360 | */ |
362 | static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt, | 361 | static int tomoyo_path_chmod(struct path *path, umode_t mode) |
363 | mode_t mode) | ||
364 | { | 362 | { |
365 | struct path path = { mnt, dentry }; | 363 | return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, path, |
366 | return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, &path, | ||
367 | mode & S_IALLUGO); | 364 | mode & S_IALLUGO); |
368 | } | 365 | } |
369 | 366 | ||