-rw-r--r--fs/namei.c10
-rw-r--r--include/linux/security.h49
-rw-r--r--security/dummy.c17
-rw-r--r--security/selinux/hooks.c13
4 files changed, 2 insertions, 87 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 993a65a7d570..21d85f1ac839 100644
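--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2012,10 +2012,8 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
  DQUOT_INIT(dir);
  error = dir->i_op->link(old_dentry, dir, new_dentry);
  up(&old_dentry->d_inode->i_sem);
- if (!error) {
+ if (!error)
  fsnotify_create(dir, new_dentry->d_name.name);
- security_inode_post_link(old_dentry, dir, new_dentry);
- }
  return error;
 }
 
@@ -2134,11 +2132,8 @@ static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry,
  d_rehash(new_dentry);
  dput(new_dentry);
  }
- if (!error) {
+ if (!error)
  d_move(old_dentry,new_dentry);
- security_inode_post_rename(old_dir, old_dentry,
- new_dir, new_dentry);
- }
  return error;
 }
 
@@ -2164,7 +2159,6 @@ static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry,
  /* The following d_move() should become unconditional */
  if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME))
  d_move(old_dentry, new_dentry);
- security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry);
  }
  if (target)
  up(&target->i_sem);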
diff --git a/include/linux/security.h b/include/linux/security.h
index 875225bf8986..55b02e1c73f4 100644
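--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -281,11 +281,6 @@ struct swap_info_struct;
  * @dir contains the inode structure of the parent directory of the new link.
  * @new_dentry contains the dentry structure for the new link.
  * Return 0 if permission is granted.
- * @inode_post_link:
- * Set security attributes for a new hard link to a file.
- * @old_dentry contains the dentry structure for the existing link.
- * @dir contains the inode structure of the parent directory of the new file.
- * @new_dentry contains the dentry structure for the new file link.
  * @inode_unlink:
  * Check the permission to remove a hard link to a file.
  * @dir contains the inode structure of parent directory of the file.
@@ -326,12 +321,6 @@ struct swap_info_struct;
  * @new_dir contains the inode structure for parent of the new link.
  * @new_dentry contains the dentry structure of the new link.
  * Return 0 if permission is granted.
- * @inode_post_rename:
- * Set security attributes on a renamed file or directory.
- * @old_dir contains the inode structure for parent of the old link.
- * @old_dentry contains the dentry structure of the old link.
- * @new_dir contains the inode structure for parent of the new link.
- * @new_dentry contains the dentry structure of the new link.
  * @inode_readlink:
  * Check the permission to read the symbolic link.
  * @dentry contains the dentry structure for the file link.
@@ -1080,8 +1069,6 @@ struct security_operations {
  struct dentry *dentry, int mode);
  int (*inode_link) (struct dentry *old_dentry,
  struct inode *dir, struct dentry *new_dentry);
- void (*inode_post_link) (struct dentry *old_dentry,
- struct inode *dir, struct dentry *new_dentry);
  int (*inode_unlink) (struct inode *dir, struct dentry *dentry);
  int (*inode_symlink) (struct inode *dir,
  struct dentry *dentry, const char *old_name);
@@ -1091,10 +1078,6 @@ struct security_operations {
  int mode, dev_t dev);
  int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
  struct inode *new_dir, struct dentry *new_dentry);
- void (*inode_post_rename) (struct inode *old_dir,
- struct dentry *old_dentry,
- struct inode *new_dir,
- struct dentry *new_dentry);
  int (*inode_readlink) (struct dentry *dentry);
  int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
  int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd);
@@ -1459,15 +1442,6 @@ static inline int security_inode_link (struct dentry *old_dentry,
  return security_ops->inode_link (old_dentry, dir, new_dentry);
 }
 
-static inline void security_inode_post_link (struct dentry *old_dentry,
- struct inode *dir,
- struct dentry *new_dentry)
-{
- if (new_dentry->d_inode && unlikely (IS_PRIVATE (new_dentry->d_inode)))
- return;
- security_ops->inode_post_link (old_dentry, dir, new_dentry);
-}
-
 static inline int security_inode_unlink (struct inode *dir,
  struct dentry *dentry)
 {
@@ -1523,18 +1497,6 @@ static inline int security_inode_rename (struct inode *old_dir,
  new_dir, new_dentry);
 }
 
-static inline void security_inode_post_rename (struct inode *old_dir,
- struct dentry *old_dentry,
- struct inode *new_dir,
- struct dentry *new_dentry)
-{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
- (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
- return;
- security_ops->inode_post_rename (old_dir, old_dentry,
- new_dir, new_dentry);
-}
-
 static inline int security_inode_readlink (struct dentry *dentry)
 {
  if (unlikely (IS_PRIVATE (dentry->d_inode)))
@@ -2157,11 +2119,6 @@ static inline int security_inode_link (struct dentry *old_dentry,
  return 0;
 }
 
-static inline void security_inode_post_link (struct dentry *old_dentry,
- struct inode *dir,
- struct dentry *new_dentry)
-{ }
-
 static inline int security_inode_unlink (struct inode *dir,
  struct dentry *dentry)
 {
@@ -2203,12 +2160,6 @@ static inline int security_inode_rename (struct inode *old_dir,
  return 0;
 }
 
-static inline void security_inode_post_rename (struct inode *old_dir,
- struct dentry *old_dentry,
- struct inode *new_dir,
- struct dentry *new_dentry)
-{ }
-
 static inline int security_inode_readlink (struct dentry *dentry)
 {
  return 0;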
diff --git a/security/dummy.c b/security/dummy.c
index 5083314e14b1..9623a61dfc76 100644
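--- a/security/dummy.c
+++ b/security/dummy.c
@@ -276,13 +276,6 @@ static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode,
  return 0;
 }
 
-static void dummy_inode_post_link (struct dentry *old_dentry,
- struct inode *inode,
- struct dentry *new_dentry)
-{
- return;
-}
-
 static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry)
 {
  return 0;
@@ -319,14 +312,6 @@ static int dummy_inode_rename (struct inode *old_inode,
  return 0;
 }
 
-static void dummy_inode_post_rename (struct inode *old_inode,
- struct dentry *old_dentry,
- struct inode *new_inode,
- struct dentry *new_dentry)
-{
- return;
-}
-
 static int dummy_inode_readlink (struct dentry *dentry)
 {
  return 0;
@@ -871,14 +856,12 @@ void security_fixup_ops (struct security_operations *ops)
  set_to_dummy_if_null(ops, inode_init_security);
  set_to_dummy_if_null(ops, inode_create);
  set_to_dummy_if_null(ops, inode_link);
- set_to_dummy_if_null(ops, inode_post_link);
  set_to_dummy_if_null(ops, inode_unlink);
  set_to_dummy_if_null(ops, inode_symlink);
  set_to_dummy_if_null(ops, inode_mkdir);
  set_to_dummy_if_null(ops, inode_rmdir);
  set_to_dummy_if_null(ops, inode_mknod);
  set_to_dummy_if_null(ops, inode_rename);
- set_to_dummy_if_null(ops, inode_post_rename);
  set_to_dummy_if_null(ops, inode_readlink);
  set_to_dummy_if_null(ops, inode_follow_link);
  set_to_dummy_if_null(ops, inode_permission);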
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c9c20828be79..3f0b533be92c 100644
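--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2009,11 +2009,6 @@ static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, stru
  return may_link(dir, old_dentry, MAY_LINK);
 }
 
-static void selinux_inode_post_link(struct dentry *old_dentry, struct inode *inode, struct dentry *new_dentry)
-{
- return;
-}
-
 static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry)
 {
  int rc;
@@ -2056,12 +2051,6 @@ static int selinux_inode_rename(struct inode *old_inode, struct dentry *old_dent
  return may_rename(old_inode, old_dentry, new_inode, new_dentry);
 }
 
-static void selinux_inode_post_rename(struct inode *old_inode, struct dentry *old_dentry,
- struct inode *new_inode, struct dentry *new_dentry)
-{
- return;
-}
-
 static int selinux_inode_readlink(struct dentry *dentry)
 {
  return dentry_has_perm(current, NULL, dentry, FILE__READ);
@@ -4257,14 +4246,12 @@ static struct security_operations selinux_ops = {
  .inode_init_security = selinux_inode_init_security,
  .inode_create = selinux_inode_create,
  .inode_link = selinux_inode_link,
- .inode_post_link = selinux_inode_post_link,
  .inode_unlink = selinux_inode_unlink,
  .inode_symlink = selinux_inode_symlink,
  .inode_mkdir = selinux_inode_mkdir,
  .inode_rmdir = selinux_inode_rmdir,
  .inode_mknod = selinux_inode_mknod,
  .inode_rename = selinux_inode_rename,
- .inode_post_rename = selinux_inode_post_rename,
  .inode_readlink = selinux_inode_readlink,
  .inode_follow_link = selinux_inode_follow_link,
  .inode_permission = selinux_inode_permission,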