diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-03-04 11:15:33 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-03-04 11:15:33 -0500 |
commit | 0f2cc4ecd81dc1917a041dc93db0ada28f8356fa (patch) | |
tree | f128b50f48f50f0cda6d2b20b53e9ad6e2dfded3 /security | |
parent | 1fae4cfb97302289bb5df6a8195eb28385d0b002 (diff) | |
parent | 9643f5d94aadd47a5fa9754fb60f2c957de05903 (diff) |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (52 commits)
init: Open /dev/console from rootfs
mqueue: fix typo "failues" -> "failures"
mqueue: only set error codes if they are really necessary
mqueue: simplify do_open() error handling
mqueue: apply mathematics distributivity on mq_bytes calculation
mqueue: remove unneeded info->messages initialization
mqueue: fix mq_open() file descriptor leak on user-space processes
fix race in d_splice_alias()
set S_DEAD on unlink() and non-directory rename() victims
vfs: add NOFOLLOW flag to umount(2)
get rid of ->mnt_parent in tomoyo/realpath
hppfs can use existing proc_mnt, no need for do_kern_mount() in there
Mirror MS_KERNMOUNT in ->mnt_flags
get rid of useless vfsmount_lock use in put_mnt_ns()
Take vfsmount_lock to fs/internal.h
get rid of insanity with namespace roots in tomoyo
take check for new events in namespace (guts of mounts_poll()) to namespace.c
Don't mess with generic_permission() under ->d_lock in hpfs
sanitize const/signedness for udf
nilfs: sanitize const/signedness in dealing with ->d_name.name
...
Fix up fairly trivial (famous last words...) conflicts in
drivers/infiniband/core/uverbs_main.c and security/tomoyo/realpath.c
Diffstat (limited to 'security')
-rw-r--r-- | security/smack/smack_lsm.c | 2 | ||||
-rw-r--r-- | security/tomoyo/realpath.c | 23 |
2 files changed, 5 insertions, 20 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index a5721b373f53..5225e668dbf0 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
@@ -387,7 +387,7 @@ static int smack_sb_umount(struct vfsmount *mnt, int flags) | |||
387 | struct smk_audit_info ad; | 387 | struct smk_audit_info ad; |
388 | 388 | ||
389 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); | 389 | smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS); |
390 | smk_ad_setfield_u_fs_path_dentry(&ad, mnt->mnt_mountpoint); | 390 | smk_ad_setfield_u_fs_path_dentry(&ad, mnt->mnt_root); |
391 | smk_ad_setfield_u_fs_path_mnt(&ad, mnt); | 391 | smk_ad_setfield_u_fs_path_mnt(&ad, mnt); |
392 | 392 | ||
393 | sbp = mnt->mnt_sb->s_security; | 393 | sbp = mnt->mnt_sb->s_security; |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index c00df45c7ede..cf7d61f781b9 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
@@ -88,29 +88,14 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname, | |||
88 | sp = dentry->d_op->d_dname(dentry, newname + offset, | 88 | sp = dentry->d_op->d_dname(dentry, newname + offset, |
89 | newname_len - offset); | 89 | newname_len - offset); |
90 | } else { | 90 | } else { |
91 | /* Taken from d_namespace_path(). */ | 91 | struct path ns_root = {.mnt = NULL, .dentry = NULL}; |
92 | struct path root; | ||
93 | struct path ns_root = { }; | ||
94 | struct path tmp; | ||
95 | 92 | ||
96 | read_lock(¤t->fs->lock); | ||
97 | root = current->fs->root; | ||
98 | path_get(&root); | ||
99 | read_unlock(¤t->fs->lock); | ||
100 | spin_lock(&vfsmount_lock); | ||
101 | if (root.mnt && root.mnt->mnt_ns) | ||
102 | ns_root.mnt = mntget(root.mnt->mnt_ns->root); | ||
103 | if (ns_root.mnt) | ||
104 | ns_root.dentry = dget(ns_root.mnt->mnt_root); | ||
105 | spin_unlock(&vfsmount_lock); | ||
106 | spin_lock(&dcache_lock); | 93 | spin_lock(&dcache_lock); |
107 | tmp = ns_root; | 94 | /* go to whatever namespace root we are under */ |
108 | sp = __d_path(path, &tmp, newname, newname_len); | 95 | sp = __d_path(path, &ns_root, newname, newname_len); |
109 | spin_unlock(&dcache_lock); | 96 | spin_unlock(&dcache_lock); |
110 | path_put(&root); | ||
111 | path_put(&ns_root); | ||
112 | /* Prepend "/proc" prefix if using internal proc vfs mount. */ | 97 | /* Prepend "/proc" prefix if using internal proc vfs mount. */ |
113 | if (!IS_ERR(sp) && (path->mnt->mnt_parent == path->mnt) && | 98 | if (!IS_ERR(sp) && (path->mnt->mnt_flags & MNT_INTERNAL) && |
114 | (path->mnt->mnt_sb->s_magic == PROC_SUPER_MAGIC)) { | 99 | (path->mnt->mnt_sb->s_magic == PROC_SUPER_MAGIC)) { |
115 | sp -= 5; | 100 | sp -= 5; |
116 | if (sp >= newname) | 101 | if (sp >= newname) |