Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Conflicts: drivers/net/usb/qmi_wwan.c include/net/dst.h Trivial merge conflicts, both were overlapping changes. Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2013-10-23 16:28:39 -0400
committer: David S. Miller <davem@davemloft.net> 2013-10-23 16:49:34 -0400
commit: c3fa32b9764dc45dcf8a2231b1c110abc4a63e0b (patch)
tree: 6cf2896a77b65bec64284681e1c3851eb3263e09 /security
parent: 34d92d5315b64a3e5292b7e9511c1bb617227fb6 (diff)
parent: 320437af954cbe66478f1f5e8b34cb5a8d072191 (diff)
5 files changed, 17 insertions, 30 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 95c2b2689a03..7db9954f1af2 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -580,15 +580,13 @@ static struct aa_namespace *__next_namespace(struct aa_namespace *root,
        /* check if the next ns is a sibling, parent, gp, .. */
        parent = ns->parent;
-        while (parent) {
+        while (ns != root) {
                mutex_unlock(&ns->lock);
                next = list_entry_next(ns, base.list);
                if (!list_entry_is_head(next, &parent->sub_ns, base.list)) {
                        mutex_lock(&next->lock);
                        return next;
                }
-                if (parent == root)
-                        return NULL;
                ns = parent;
                parent = parent->parent;
        }
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 345bec07a27d..705c2879d3a9 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -610,6 +610,7 @@ void aa_free_profile(struct aa_profile *profile)
        aa_put_dfa(profile->policy.dfa);
        aa_put_replacedby(profile->replacedby);
+        kzfree(profile->hash);
        kzfree(profile);
 }
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index dad36a6ab45f..fc3e6628a864 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -746,7 +746,6 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 * @tclass: target security class
 * @requested: requested permissions, interpreted based on @tclass
 * @auditdata: auxiliary audit data
- * @flags: VFS walk flags
 *
 * Check the AVC to determine whether the @requested permissions are granted
 * for the SID pair (@ssid, @tsid), interpreting the permissions
@@ -756,17 +755,15 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 * permissions are granted, -%EACCES if any permissions are denied, or
 * another -errno upon other errors.
 */
-int avc_has_perm_flags(u32 ssid, u32 tsid, u16 tclass,
+int avc_has_perm(u32 ssid, u32 tsid, u16 tclass,
-                       u32 requested, struct common_audit_data *auditdata,
+                 u32 requested, struct common_audit_data *auditdata)
-                       unsigned flags)
 {
        struct av_decision avd;
        int rc, rc2;
        rc = avc_has_perm_noaudit(ssid, tsid, tclass, requested, 0, &avd);
-        rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata,
+        rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata);
-                        flags);
        if (rc2)
                return rc2;
        return rc;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 3f224d7795f5..c540795fb3f2 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1502,7 +1502,7 @@ static int cred_has_capability(const struct cred *cred,
        rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd);
        if (audit == SECURITY_CAP_AUDIT) {
-                int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad, 0);
+                int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad);
                if (rc2)
                        return rc2;
        }
@@ -1525,8 +1525,7 @@ static int task_has_system(struct task_struct *tsk,
 static int inode_has_perm(const struct cred *cred,
                          struct inode *inode,
                          u32 perms,
-                          struct common_audit_data *adp,
+                          struct common_audit_data *adp)
-                          unsigned flags)
 {
        struct inode_security_struct *isec;
        u32 sid;
@@ -1539,7 +1538,7 @@ static int inode_has_perm(const struct cred *cred,
        sid = cred_sid(cred);
        isec = inode->i_security;
-        return avc_has_perm_flags(sid, isec->sid, isec->sclass, perms, adp, flags);
+        return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp);
 }
 /* Same as inode_has_perm, but pass explicit audit data containing
@@ -1554,7 +1553,7 @@ static inline int dentry_has_perm(const struct cred *cred,
        ad.type = LSM_AUDIT_DATA_DENTRY;
        ad.u.dentry = dentry;
-        return inode_has_perm(cred, inode, av, &ad, 0);
+        return inode_has_perm(cred, inode, av, &ad);
 }
 /* Same as inode_has_perm, but pass explicit audit data containing
@@ -1569,7 +1568,7 @@ static inline int path_has_perm(const struct cred *cred,
        ad.type = LSM_AUDIT_DATA_PATH;
        ad.u.path = *path;
-        return inode_has_perm(cred, inode, av, &ad, 0);
+        return inode_has_perm(cred, inode, av, &ad);
 }
 /* Same as path_has_perm, but uses the inode from the file struct. */
@@ -1581,7 +1580,7 @@ static inline int file_path_has_perm(const struct cred *cred,
        ad.type = LSM_AUDIT_DATA_PATH;
        ad.u.path = file->f_path;
-        return inode_has_perm(cred, file_inode(file), av, &ad, 0);
+        return inode_has_perm(cred, file_inode(file), av, &ad);
 }
 /* Check whether a task can use an open file descriptor to
@@ -1617,7 +1616,7 @@ static int file_has_perm(const struct cred *cred,
        /* av is zero if only checking access to the descriptor. */
        rc = 0;
        if (av)
-                rc = inode_has_perm(cred, inode, av, &ad, 0);
+                rc = inode_has_perm(cred, inode, av, &ad);
 out:
        return rc;
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 92d0ab561db8..f53ee3c58d0f 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -130,7 +130,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
                            u16 tclass, u32 requested,
                            struct av_decision *avd,
                            int result,
-                            struct common_audit_data *a, unsigned flags)
+                            struct common_audit_data *a)
 {
        u32 audited, denied;
        audited = avc_audit_required(requested, avd, result, 0, &denied);
@@ -138,7 +138,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
                return 0;
        return slow_avc_audit(ssid, tsid, tclass,
                              requested, audited, denied,
-                              a, flags);
+                              a, 0);
 }
 #define AVC_STRICT 1 /* Ignore permissive mode. */
@@ -147,17 +147,9 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
                         unsigned flags,
                         struct av_decision *avd);
-int avc_has_perm_flags(u32 ssid, u32 tsid,
+int avc_has_perm(u32 ssid, u32 tsid,
-                       u16 tclass, u32 requested,
+                 u16 tclass, u32 requested,
-                       struct common_audit_data *auditdata,
+                 struct common_audit_data *auditdata);
-                       unsigned);
-static inline int avc_has_perm(u32 ssid, u32 tsid,
-                               u16 tclass, u32 requested,
-                               struct common_audit_data *auditdata)
-{
-        return avc_has_perm_flags(ssid, tsid, tclass, requested, auditdata, 0);
-}
 u32 avc_policy_seqno(void);
author	David S. Miller <davem@davemloft.net>	2013-10-23 16:28:39 -0400
committer	David S. Miller <davem@davemloft.net>	2013-10-23 16:49:34 -0400
commit	c3fa32b9764dc45dcf8a2231b1c110abc4a63e0b (patch)
tree	6cf2896a77b65bec64284681e1c3851eb3263e09 /security
parent	34d92d5315b64a3e5292b7e9511c1bb617227fb6 (diff)
parent	320437af954cbe66478f1f5e8b34cb5a8d072191 (diff)