diff options
Diffstat (limited to 'fs')
36 files changed, 161 insertions, 92 deletions
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 9007bbd01dbf..93323ac26b0a 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c | |||
@@ -90,13 +90,14 @@ static noinline int cow_file_range(struct inode *inode, | |||
90 | unsigned long *nr_written, int unlock); | 90 | unsigned long *nr_written, int unlock); |
91 | 91 | ||
92 | static int btrfs_init_inode_security(struct btrfs_trans_handle *trans, | 92 | static int btrfs_init_inode_security(struct btrfs_trans_handle *trans, |
93 | struct inode *inode, struct inode *dir) | 93 | struct inode *inode, struct inode *dir, |
94 | const struct qstr *qstr) | ||
94 | { | 95 | { |
95 | int err; | 96 | int err; |
96 | 97 | ||
97 | err = btrfs_init_acl(trans, inode, dir); | 98 | err = btrfs_init_acl(trans, inode, dir); |
98 | if (!err) | 99 | if (!err) |
99 | err = btrfs_xattr_security_init(trans, inode, dir); | 100 | err = btrfs_xattr_security_init(trans, inode, dir, qstr); |
100 | return err; | 101 | return err; |
101 | } | 102 | } |
102 | 103 | ||
@@ -4704,7 +4705,7 @@ static int btrfs_mknod(struct inode *dir, struct dentry *dentry, | |||
4704 | if (IS_ERR(inode)) | 4705 | if (IS_ERR(inode)) |
4705 | goto out_unlock; | 4706 | goto out_unlock; |
4706 | 4707 | ||
4707 | err = btrfs_init_inode_security(trans, inode, dir); | 4708 | err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name); |
4708 | if (err) { | 4709 | if (err) { |
4709 | drop_inode = 1; | 4710 | drop_inode = 1; |
4710 | goto out_unlock; | 4711 | goto out_unlock; |
@@ -4765,7 +4766,7 @@ static int btrfs_create(struct inode *dir, struct dentry *dentry, | |||
4765 | if (IS_ERR(inode)) | 4766 | if (IS_ERR(inode)) |
4766 | goto out_unlock; | 4767 | goto out_unlock; |
4767 | 4768 | ||
4768 | err = btrfs_init_inode_security(trans, inode, dir); | 4769 | err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name); |
4769 | if (err) { | 4770 | if (err) { |
4770 | drop_inode = 1; | 4771 | drop_inode = 1; |
4771 | goto out_unlock; | 4772 | goto out_unlock; |
@@ -4894,7 +4895,7 @@ static int btrfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) | |||
4894 | 4895 | ||
4895 | drop_on_err = 1; | 4896 | drop_on_err = 1; |
4896 | 4897 | ||
4897 | err = btrfs_init_inode_security(trans, inode, dir); | 4898 | err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name); |
4898 | if (err) | 4899 | if (err) |
4899 | goto out_fail; | 4900 | goto out_fail; |
4900 | 4901 | ||
@@ -7106,7 +7107,7 @@ static int btrfs_symlink(struct inode *dir, struct dentry *dentry, | |||
7106 | if (IS_ERR(inode)) | 7107 | if (IS_ERR(inode)) |
7107 | goto out_unlock; | 7108 | goto out_unlock; |
7108 | 7109 | ||
7109 | err = btrfs_init_inode_security(trans, inode, dir); | 7110 | err = btrfs_init_inode_security(trans, inode, dir, &dentry->d_name); |
7110 | if (err) { | 7111 | if (err) { |
7111 | drop_inode = 1; | 7112 | drop_inode = 1; |
7112 | goto out_unlock; | 7113 | goto out_unlock; |
diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c index a5776531dc2b..d779cefcfd7d 100644 --- a/fs/btrfs/xattr.c +++ b/fs/btrfs/xattr.c | |||
@@ -370,7 +370,8 @@ int btrfs_removexattr(struct dentry *dentry, const char *name) | |||
370 | } | 370 | } |
371 | 371 | ||
372 | int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, | 372 | int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, |
373 | struct inode *inode, struct inode *dir) | 373 | struct inode *inode, struct inode *dir, |
374 | const struct qstr *qstr) | ||
374 | { | 375 | { |
375 | int err; | 376 | int err; |
376 | size_t len; | 377 | size_t len; |
@@ -378,7 +379,8 @@ int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, | |||
378 | char *suffix; | 379 | char *suffix; |
379 | char *name; | 380 | char *name; |
380 | 381 | ||
381 | err = security_inode_init_security(inode, dir, &suffix, &value, &len); | 382 | err = security_inode_init_security(inode, dir, qstr, &suffix, &value, |
383 | &len); | ||
382 | if (err) { | 384 | if (err) { |
383 | if (err == -EOPNOTSUPP) | 385 | if (err == -EOPNOTSUPP) |
384 | return 0; | 386 | return 0; |
diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h index 7a43fd640bbb..b3cc8039134b 100644 --- a/fs/btrfs/xattr.h +++ b/fs/btrfs/xattr.h | |||
@@ -37,6 +37,7 @@ extern int btrfs_setxattr(struct dentry *dentry, const char *name, | |||
37 | extern int btrfs_removexattr(struct dentry *dentry, const char *name); | 37 | extern int btrfs_removexattr(struct dentry *dentry, const char *name); |
38 | 38 | ||
39 | extern int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, | 39 | extern int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, |
40 | struct inode *inode, struct inode *dir); | 40 | struct inode *inode, struct inode *dir, |
41 | const struct qstr *qstr); | ||
41 | 42 | ||
42 | #endif /* __XATTR__ */ | 43 | #endif /* __XATTR__ */ |
diff --git a/fs/cachefiles/namei.c b/fs/cachefiles/namei.c index 42c7fafc8bfe..a0358c2189cb 100644 --- a/fs/cachefiles/namei.c +++ b/fs/cachefiles/namei.c | |||
@@ -275,6 +275,7 @@ static int cachefiles_bury_object(struct cachefiles_cache *cache, | |||
275 | bool preemptive) | 275 | bool preemptive) |
276 | { | 276 | { |
277 | struct dentry *grave, *trap; | 277 | struct dentry *grave, *trap; |
278 | struct path path, path_to_graveyard; | ||
278 | char nbuffer[8 + 8 + 1]; | 279 | char nbuffer[8 + 8 + 1]; |
279 | int ret; | 280 | int ret; |
280 | 281 | ||
@@ -287,10 +288,18 @@ static int cachefiles_bury_object(struct cachefiles_cache *cache, | |||
287 | /* non-directories can just be unlinked */ | 288 | /* non-directories can just be unlinked */ |
288 | if (!S_ISDIR(rep->d_inode->i_mode)) { | 289 | if (!S_ISDIR(rep->d_inode->i_mode)) { |
289 | _debug("unlink stale object"); | 290 | _debug("unlink stale object"); |
290 | ret = vfs_unlink(dir->d_inode, rep); | ||
291 | 291 | ||
292 | if (preemptive) | 292 | path.mnt = cache->mnt; |
293 | cachefiles_mark_object_buried(cache, rep); | 293 | path.dentry = dir; |
294 | ret = security_path_unlink(&path, rep); | ||
295 | if (ret < 0) { | ||
296 | cachefiles_io_error(cache, "Unlink security error"); | ||
297 | } else { | ||
298 | ret = vfs_unlink(dir->d_inode, rep); | ||
299 | |||
300 | if (preemptive) | ||
301 | cachefiles_mark_object_buried(cache, rep); | ||
302 | } | ||
294 | 303 | ||
295 | mutex_unlock(&dir->d_inode->i_mutex); | 304 | mutex_unlock(&dir->d_inode->i_mutex); |
296 | 305 | ||
@@ -379,12 +388,23 @@ try_again: | |||
379 | } | 388 | } |
380 | 389 | ||
381 | /* attempt the rename */ | 390 | /* attempt the rename */ |
382 | ret = vfs_rename(dir->d_inode, rep, cache->graveyard->d_inode, grave); | 391 | path.mnt = cache->mnt; |
383 | if (ret != 0 && ret != -ENOMEM) | 392 | path.dentry = dir; |
384 | cachefiles_io_error(cache, "Rename failed with error %d", ret); | 393 | path_to_graveyard.mnt = cache->mnt; |
394 | path_to_graveyard.dentry = cache->graveyard; | ||
395 | ret = security_path_rename(&path, rep, &path_to_graveyard, grave); | ||
396 | if (ret < 0) { | ||
397 | cachefiles_io_error(cache, "Rename security error %d", ret); | ||
398 | } else { | ||
399 | ret = vfs_rename(dir->d_inode, rep, | ||
400 | cache->graveyard->d_inode, grave); | ||
401 | if (ret != 0 && ret != -ENOMEM) | ||
402 | cachefiles_io_error(cache, | ||
403 | "Rename failed with error %d", ret); | ||
385 | 404 | ||
386 | if (preemptive) | 405 | if (preemptive) |
387 | cachefiles_mark_object_buried(cache, rep); | 406 | cachefiles_mark_object_buried(cache, rep); |
407 | } | ||
388 | 408 | ||
389 | unlock_rename(cache->graveyard, dir); | 409 | unlock_rename(cache->graveyard, dir); |
390 | dput(grave); | 410 | dput(grave); |
@@ -448,6 +468,7 @@ int cachefiles_walk_to_object(struct cachefiles_object *parent, | |||
448 | { | 468 | { |
449 | struct cachefiles_cache *cache; | 469 | struct cachefiles_cache *cache; |
450 | struct dentry *dir, *next = NULL; | 470 | struct dentry *dir, *next = NULL; |
471 | struct path path; | ||
451 | unsigned long start; | 472 | unsigned long start; |
452 | const char *name; | 473 | const char *name; |
453 | int ret, nlen; | 474 | int ret, nlen; |
@@ -458,6 +479,7 @@ int cachefiles_walk_to_object(struct cachefiles_object *parent, | |||
458 | 479 | ||
459 | cache = container_of(parent->fscache.cache, | 480 | cache = container_of(parent->fscache.cache, |
460 | struct cachefiles_cache, cache); | 481 | struct cachefiles_cache, cache); |
482 | path.mnt = cache->mnt; | ||
461 | 483 | ||
462 | ASSERT(parent->dentry); | 484 | ASSERT(parent->dentry); |
463 | ASSERT(parent->dentry->d_inode); | 485 | ASSERT(parent->dentry->d_inode); |
@@ -511,6 +533,10 @@ lookup_again: | |||
511 | if (ret < 0) | 533 | if (ret < 0) |
512 | goto create_error; | 534 | goto create_error; |
513 | 535 | ||
536 | path.dentry = dir; | ||
537 | ret = security_path_mkdir(&path, next, 0); | ||
538 | if (ret < 0) | ||
539 | goto create_error; | ||
514 | start = jiffies; | 540 | start = jiffies; |
515 | ret = vfs_mkdir(dir->d_inode, next, 0); | 541 | ret = vfs_mkdir(dir->d_inode, next, 0); |
516 | cachefiles_hist(cachefiles_mkdir_histogram, start); | 542 | cachefiles_hist(cachefiles_mkdir_histogram, start); |
@@ -536,6 +562,10 @@ lookup_again: | |||
536 | if (ret < 0) | 562 | if (ret < 0) |
537 | goto create_error; | 563 | goto create_error; |
538 | 564 | ||
565 | path.dentry = dir; | ||
566 | ret = security_path_mknod(&path, next, S_IFREG, 0); | ||
567 | if (ret < 0) | ||
568 | goto create_error; | ||
539 | start = jiffies; | 569 | start = jiffies; |
540 | ret = vfs_create(dir->d_inode, next, S_IFREG, NULL); | 570 | ret = vfs_create(dir->d_inode, next, S_IFREG, NULL); |
541 | cachefiles_hist(cachefiles_create_histogram, start); | 571 | cachefiles_hist(cachefiles_create_histogram, start); |
@@ -692,6 +722,7 @@ struct dentry *cachefiles_get_directory(struct cachefiles_cache *cache, | |||
692 | { | 722 | { |
693 | struct dentry *subdir; | 723 | struct dentry *subdir; |
694 | unsigned long start; | 724 | unsigned long start; |
725 | struct path path; | ||
695 | int ret; | 726 | int ret; |
696 | 727 | ||
697 | _enter(",,%s", dirname); | 728 | _enter(",,%s", dirname); |
@@ -719,6 +750,11 @@ struct dentry *cachefiles_get_directory(struct cachefiles_cache *cache, | |||
719 | 750 | ||
720 | _debug("attempt mkdir"); | 751 | _debug("attempt mkdir"); |
721 | 752 | ||
753 | path.mnt = cache->mnt; | ||
754 | path.dentry = dir; | ||
755 | ret = security_path_mkdir(&path, subdir, 0700); | ||
756 | if (ret < 0) | ||
757 | goto mkdir_error; | ||
722 | ret = vfs_mkdir(dir->d_inode, subdir, 0700); | 758 | ret = vfs_mkdir(dir->d_inode, subdir, 0700); |
723 | if (ret < 0) | 759 | if (ret < 0) |
724 | goto mkdir_error; | 760 | goto mkdir_error; |
diff --git a/fs/ext2/ext2.h b/fs/ext2/ext2.h index 6346a2acf326..1b48c3370872 100644 --- a/fs/ext2/ext2.h +++ b/fs/ext2/ext2.h | |||
@@ -110,7 +110,7 @@ extern struct ext2_dir_entry_2 * ext2_dotdot (struct inode *, struct page **); | |||
110 | extern void ext2_set_link(struct inode *, struct ext2_dir_entry_2 *, struct page *, struct inode *, int); | 110 | extern void ext2_set_link(struct inode *, struct ext2_dir_entry_2 *, struct page *, struct inode *, int); |
111 | 111 | ||
112 | /* ialloc.c */ | 112 | /* ialloc.c */ |
113 | extern struct inode * ext2_new_inode (struct inode *, int); | 113 | extern struct inode * ext2_new_inode (struct inode *, int, const struct qstr *); |
114 | extern void ext2_free_inode (struct inode *); | 114 | extern void ext2_free_inode (struct inode *); |
115 | extern unsigned long ext2_count_free_inodes (struct super_block *); | 115 | extern unsigned long ext2_count_free_inodes (struct super_block *); |
116 | extern void ext2_check_inodes_bitmap (struct super_block *); | 116 | extern void ext2_check_inodes_bitmap (struct super_block *); |
diff --git a/fs/ext2/ialloc.c b/fs/ext2/ialloc.c index ad70479aabff..ee9ed31948e1 100644 --- a/fs/ext2/ialloc.c +++ b/fs/ext2/ialloc.c | |||
@@ -429,7 +429,8 @@ found: | |||
429 | return group; | 429 | return group; |
430 | } | 430 | } |
431 | 431 | ||
432 | struct inode *ext2_new_inode(struct inode *dir, int mode) | 432 | struct inode *ext2_new_inode(struct inode *dir, int mode, |
433 | const struct qstr *qstr) | ||
433 | { | 434 | { |
434 | struct super_block *sb; | 435 | struct super_block *sb; |
435 | struct buffer_head *bitmap_bh = NULL; | 436 | struct buffer_head *bitmap_bh = NULL; |
@@ -585,7 +586,7 @@ got: | |||
585 | if (err) | 586 | if (err) |
586 | goto fail_free_drop; | 587 | goto fail_free_drop; |
587 | 588 | ||
588 | err = ext2_init_security(inode,dir); | 589 | err = ext2_init_security(inode, dir, qstr); |
589 | if (err) | 590 | if (err) |
590 | goto fail_free_drop; | 591 | goto fail_free_drop; |
591 | 592 | ||
diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c index adb91855ccd0..ed5c5d496ee9 100644 --- a/fs/ext2/namei.c +++ b/fs/ext2/namei.c | |||
@@ -104,7 +104,7 @@ static int ext2_create (struct inode * dir, struct dentry * dentry, int mode, st | |||
104 | 104 | ||
105 | dquot_initialize(dir); | 105 | dquot_initialize(dir); |
106 | 106 | ||
107 | inode = ext2_new_inode(dir, mode); | 107 | inode = ext2_new_inode(dir, mode, &dentry->d_name); |
108 | if (IS_ERR(inode)) | 108 | if (IS_ERR(inode)) |
109 | return PTR_ERR(inode); | 109 | return PTR_ERR(inode); |
110 | 110 | ||
@@ -133,7 +133,7 @@ static int ext2_mknod (struct inode * dir, struct dentry *dentry, int mode, dev_ | |||
133 | 133 | ||
134 | dquot_initialize(dir); | 134 | dquot_initialize(dir); |
135 | 135 | ||
136 | inode = ext2_new_inode (dir, mode); | 136 | inode = ext2_new_inode (dir, mode, &dentry->d_name); |
137 | err = PTR_ERR(inode); | 137 | err = PTR_ERR(inode); |
138 | if (!IS_ERR(inode)) { | 138 | if (!IS_ERR(inode)) { |
139 | init_special_inode(inode, inode->i_mode, rdev); | 139 | init_special_inode(inode, inode->i_mode, rdev); |
@@ -159,7 +159,7 @@ static int ext2_symlink (struct inode * dir, struct dentry * dentry, | |||
159 | 159 | ||
160 | dquot_initialize(dir); | 160 | dquot_initialize(dir); |
161 | 161 | ||
162 | inode = ext2_new_inode (dir, S_IFLNK | S_IRWXUGO); | 162 | inode = ext2_new_inode (dir, S_IFLNK | S_IRWXUGO, &dentry->d_name); |
163 | err = PTR_ERR(inode); | 163 | err = PTR_ERR(inode); |
164 | if (IS_ERR(inode)) | 164 | if (IS_ERR(inode)) |
165 | goto out; | 165 | goto out; |
@@ -230,7 +230,7 @@ static int ext2_mkdir(struct inode * dir, struct dentry * dentry, int mode) | |||
230 | 230 | ||
231 | inode_inc_link_count(dir); | 231 | inode_inc_link_count(dir); |
232 | 232 | ||
233 | inode = ext2_new_inode (dir, S_IFDIR | mode); | 233 | inode = ext2_new_inode(dir, S_IFDIR | mode, &dentry->d_name); |
234 | err = PTR_ERR(inode); | 234 | err = PTR_ERR(inode); |
235 | if (IS_ERR(inode)) | 235 | if (IS_ERR(inode)) |
236 | goto out_dir; | 236 | goto out_dir; |
diff --git a/fs/ext2/xattr.h b/fs/ext2/xattr.h index a1a1c2184616..5e41cccff762 100644 --- a/fs/ext2/xattr.h +++ b/fs/ext2/xattr.h | |||
@@ -116,9 +116,11 @@ exit_ext2_xattr(void) | |||
116 | # endif /* CONFIG_EXT2_FS_XATTR */ | 116 | # endif /* CONFIG_EXT2_FS_XATTR */ |
117 | 117 | ||
118 | #ifdef CONFIG_EXT2_FS_SECURITY | 118 | #ifdef CONFIG_EXT2_FS_SECURITY |
119 | extern int ext2_init_security(struct inode *inode, struct inode *dir); | 119 | extern int ext2_init_security(struct inode *inode, struct inode *dir, |
120 | const struct qstr *qstr); | ||
120 | #else | 121 | #else |
121 | static inline int ext2_init_security(struct inode *inode, struct inode *dir) | 122 | static inline int ext2_init_security(struct inode *inode, struct inode *dir, |
123 | const struct qstr *qstr) | ||
122 | { | 124 | { |
123 | return 0; | 125 | return 0; |
124 | } | 126 | } |
diff --git a/fs/ext2/xattr_security.c b/fs/ext2/xattr_security.c index 3004e15d5da5..5d979b4347b0 100644 --- a/fs/ext2/xattr_security.c +++ b/fs/ext2/xattr_security.c | |||
@@ -47,14 +47,15 @@ ext2_xattr_security_set(struct dentry *dentry, const char *name, | |||
47 | } | 47 | } |
48 | 48 | ||
49 | int | 49 | int |
50 | ext2_init_security(struct inode *inode, struct inode *dir) | 50 | ext2_init_security(struct inode *inode, struct inode *dir, |
51 | const struct qstr *qstr) | ||
51 | { | 52 | { |
52 | int err; | 53 | int err; |
53 | size_t len; | 54 | size_t len; |
54 | void *value; | 55 | void *value; |
55 | char *name; | 56 | char *name; |
56 | 57 | ||
57 | err = security_inode_init_security(inode, dir, &name, &value, &len); | 58 | err = security_inode_init_security(inode, dir, qstr, &name, &value, &len); |
58 | if (err) { | 59 | if (err) { |
59 | if (err == -EOPNOTSUPP) | 60 | if (err == -EOPNOTSUPP) |
60 | return 0; | 61 | return 0; |
diff --git a/fs/ext3/ialloc.c b/fs/ext3/ialloc.c index 9724aef22460..bfc2dc43681d 100644 --- a/fs/ext3/ialloc.c +++ b/fs/ext3/ialloc.c | |||
@@ -404,7 +404,8 @@ static int find_group_other(struct super_block *sb, struct inode *parent) | |||
404 | * For other inodes, search forward from the parent directory's block | 404 | * For other inodes, search forward from the parent directory's block |
405 | * group to find a free inode. | 405 | * group to find a free inode. |
406 | */ | 406 | */ |
407 | struct inode *ext3_new_inode(handle_t *handle, struct inode * dir, int mode) | 407 | struct inode *ext3_new_inode(handle_t *handle, struct inode * dir, |
408 | const struct qstr *qstr, int mode) | ||
408 | { | 409 | { |
409 | struct super_block *sb; | 410 | struct super_block *sb; |
410 | struct buffer_head *bitmap_bh = NULL; | 411 | struct buffer_head *bitmap_bh = NULL; |
@@ -589,7 +590,7 @@ got: | |||
589 | if (err) | 590 | if (err) |
590 | goto fail_free_drop; | 591 | goto fail_free_drop; |
591 | 592 | ||
592 | err = ext3_init_security(handle,inode, dir); | 593 | err = ext3_init_security(handle, inode, dir, qstr); |
593 | if (err) | 594 | if (err) |
594 | goto fail_free_drop; | 595 | goto fail_free_drop; |
595 | 596 | ||
diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index b27ba71810ec..9dba3bd69d9a 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c | |||
@@ -1710,7 +1710,7 @@ retry: | |||
1710 | if (IS_DIRSYNC(dir)) | 1710 | if (IS_DIRSYNC(dir)) |
1711 | handle->h_sync = 1; | 1711 | handle->h_sync = 1; |
1712 | 1712 | ||
1713 | inode = ext3_new_inode (handle, dir, mode); | 1713 | inode = ext3_new_inode (handle, dir, &dentry->d_name, mode); |
1714 | err = PTR_ERR(inode); | 1714 | err = PTR_ERR(inode); |
1715 | if (!IS_ERR(inode)) { | 1715 | if (!IS_ERR(inode)) { |
1716 | inode->i_op = &ext3_file_inode_operations; | 1716 | inode->i_op = &ext3_file_inode_operations; |
@@ -1746,7 +1746,7 @@ retry: | |||
1746 | if (IS_DIRSYNC(dir)) | 1746 | if (IS_DIRSYNC(dir)) |
1747 | handle->h_sync = 1; | 1747 | handle->h_sync = 1; |
1748 | 1748 | ||
1749 | inode = ext3_new_inode (handle, dir, mode); | 1749 | inode = ext3_new_inode (handle, dir, &dentry->d_name, mode); |
1750 | err = PTR_ERR(inode); | 1750 | err = PTR_ERR(inode); |
1751 | if (!IS_ERR(inode)) { | 1751 | if (!IS_ERR(inode)) { |
1752 | init_special_inode(inode, inode->i_mode, rdev); | 1752 | init_special_inode(inode, inode->i_mode, rdev); |
@@ -1784,7 +1784,7 @@ retry: | |||
1784 | if (IS_DIRSYNC(dir)) | 1784 | if (IS_DIRSYNC(dir)) |
1785 | handle->h_sync = 1; | 1785 | handle->h_sync = 1; |
1786 | 1786 | ||
1787 | inode = ext3_new_inode (handle, dir, S_IFDIR | mode); | 1787 | inode = ext3_new_inode (handle, dir, &dentry->d_name, S_IFDIR | mode); |
1788 | err = PTR_ERR(inode); | 1788 | err = PTR_ERR(inode); |
1789 | if (IS_ERR(inode)) | 1789 | if (IS_ERR(inode)) |
1790 | goto out_stop; | 1790 | goto out_stop; |
@@ -2206,7 +2206,7 @@ retry: | |||
2206 | if (IS_DIRSYNC(dir)) | 2206 | if (IS_DIRSYNC(dir)) |
2207 | handle->h_sync = 1; | 2207 | handle->h_sync = 1; |
2208 | 2208 | ||
2209 | inode = ext3_new_inode (handle, dir, S_IFLNK|S_IRWXUGO); | 2209 | inode = ext3_new_inode (handle, dir, &dentry->d_name, S_IFLNK|S_IRWXUGO); |
2210 | err = PTR_ERR(inode); | 2210 | err = PTR_ERR(inode); |
2211 | if (IS_ERR(inode)) | 2211 | if (IS_ERR(inode)) |
2212 | goto out_stop; | 2212 | goto out_stop; |
diff --git a/fs/ext3/xattr.h b/fs/ext3/xattr.h index 377fe7201169..2be4f69bfa64 100644 --- a/fs/ext3/xattr.h +++ b/fs/ext3/xattr.h | |||
@@ -128,10 +128,10 @@ exit_ext3_xattr(void) | |||
128 | 128 | ||
129 | #ifdef CONFIG_EXT3_FS_SECURITY | 129 | #ifdef CONFIG_EXT3_FS_SECURITY |
130 | extern int ext3_init_security(handle_t *handle, struct inode *inode, | 130 | extern int ext3_init_security(handle_t *handle, struct inode *inode, |
131 | struct inode *dir); | 131 | struct inode *dir, const struct qstr *qstr); |
132 | #else | 132 | #else |
133 | static inline int ext3_init_security(handle_t *handle, struct inode *inode, | 133 | static inline int ext3_init_security(handle_t *handle, struct inode *inode, |
134 | struct inode *dir) | 134 | struct inode *dir, const struct qstr *qstr) |
135 | { | 135 | { |
136 | return 0; | 136 | return 0; |
137 | } | 137 | } |
diff --git a/fs/ext3/xattr_security.c b/fs/ext3/xattr_security.c index 03a99bfc59f9..b8d9f83aa5c5 100644 --- a/fs/ext3/xattr_security.c +++ b/fs/ext3/xattr_security.c | |||
@@ -49,14 +49,15 @@ ext3_xattr_security_set(struct dentry *dentry, const char *name, | |||
49 | } | 49 | } |
50 | 50 | ||
51 | int | 51 | int |
52 | ext3_init_security(handle_t *handle, struct inode *inode, struct inode *dir) | 52 | ext3_init_security(handle_t *handle, struct inode *inode, struct inode *dir, |
53 | const struct qstr *qstr) | ||
53 | { | 54 | { |
54 | int err; | 55 | int err; |
55 | size_t len; | 56 | size_t len; |
56 | void *value; | 57 | void *value; |
57 | char *name; | 58 | char *name; |
58 | 59 | ||
59 | err = security_inode_init_security(inode, dir, &name, &value, &len); | 60 | err = security_inode_init_security(inode, dir, qstr, &name, &value, &len); |
60 | if (err) { | 61 | if (err) { |
61 | if (err == -EOPNOTSUPP) | 62 | if (err == -EOPNOTSUPP) |
62 | return 0; | 63 | return 0; |
diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c index eb9097aec6f0..78b79e1bd7ed 100644 --- a/fs/ext4/ialloc.c +++ b/fs/ext4/ialloc.c | |||
@@ -1042,7 +1042,7 @@ got: | |||
1042 | if (err) | 1042 | if (err) |
1043 | goto fail_free_drop; | 1043 | goto fail_free_drop; |
1044 | 1044 | ||
1045 | err = ext4_init_security(handle, inode, dir); | 1045 | err = ext4_init_security(handle, inode, dir, qstr); |
1046 | if (err) | 1046 | if (err) |
1047 | goto fail_free_drop; | 1047 | goto fail_free_drop; |
1048 | 1048 | ||
diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h index 1ef16520b950..25b7387ff183 100644 --- a/fs/ext4/xattr.h +++ b/fs/ext4/xattr.h | |||
@@ -145,10 +145,10 @@ ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize, | |||
145 | 145 | ||
146 | #ifdef CONFIG_EXT4_FS_SECURITY | 146 | #ifdef CONFIG_EXT4_FS_SECURITY |
147 | extern int ext4_init_security(handle_t *handle, struct inode *inode, | 147 | extern int ext4_init_security(handle_t *handle, struct inode *inode, |
148 | struct inode *dir); | 148 | struct inode *dir, const struct qstr *qstr); |
149 | #else | 149 | #else |
150 | static inline int ext4_init_security(handle_t *handle, struct inode *inode, | 150 | static inline int ext4_init_security(handle_t *handle, struct inode *inode, |
151 | struct inode *dir) | 151 | struct inode *dir, const struct qstr *qstr) |
152 | { | 152 | { |
153 | return 0; | 153 | return 0; |
154 | } | 154 | } |
diff --git a/fs/ext4/xattr_security.c b/fs/ext4/xattr_security.c index 9b21268e121c..007c3bfbf094 100644 --- a/fs/ext4/xattr_security.c +++ b/fs/ext4/xattr_security.c | |||
@@ -49,14 +49,15 @@ ext4_xattr_security_set(struct dentry *dentry, const char *name, | |||
49 | } | 49 | } |
50 | 50 | ||
51 | int | 51 | int |
52 | ext4_init_security(handle_t *handle, struct inode *inode, struct inode *dir) | 52 | ext4_init_security(handle_t *handle, struct inode *inode, struct inode *dir, |
53 | const struct qstr *qstr) | ||
53 | { | 54 | { |
54 | int err; | 55 | int err; |
55 | size_t len; | 56 | size_t len; |
56 | void *value; | 57 | void *value; |
57 | char *name; | 58 | char *name; |
58 | 59 | ||
59 | err = security_inode_init_security(inode, dir, &name, &value, &len); | 60 | err = security_inode_init_security(inode, dir, qstr, &name, &value, &len); |
60 | if (err) { | 61 | if (err) { |
61 | if (err == -EOPNOTSUPP) | 62 | if (err == -EOPNOTSUPP) |
62 | return 0; | 63 | return 0; |
diff --git a/fs/file_table.c b/fs/file_table.c index eb36b6b17e26..cbeec70ee310 100644 --- a/fs/file_table.c +++ b/fs/file_table.c | |||
@@ -190,7 +190,8 @@ struct file *alloc_file(struct path *path, fmode_t mode, | |||
190 | file_take_write(file); | 190 | file_take_write(file); |
191 | WARN_ON(mnt_clone_write(path->mnt)); | 191 | WARN_ON(mnt_clone_write(path->mnt)); |
192 | } | 192 | } |
193 | ima_counts_get(file); | 193 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
194 | i_readcount_inc(path->dentry->d_inode); | ||
194 | return file; | 195 | return file; |
195 | } | 196 | } |
196 | EXPORT_SYMBOL(alloc_file); | 197 | EXPORT_SYMBOL(alloc_file); |
@@ -251,6 +252,8 @@ static void __fput(struct file *file) | |||
251 | fops_put(file->f_op); | 252 | fops_put(file->f_op); |
252 | put_pid(file->f_owner.pid); | 253 | put_pid(file->f_owner.pid); |
253 | file_sb_list_del(file); | 254 | file_sb_list_del(file); |
255 | if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) | ||
256 | i_readcount_dec(inode); | ||
254 | if (file->f_mode & FMODE_WRITE) | 257 | if (file->f_mode & FMODE_WRITE) |
255 | drop_file_write_access(file); | 258 | drop_file_write_access(file); |
256 | file->f_path.dentry = NULL; | 259 | file->f_path.dentry = NULL; |
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 7aa7d4f8984a..97d54a28776a 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c | |||
@@ -763,14 +763,15 @@ fail: | |||
763 | return error; | 763 | return error; |
764 | } | 764 | } |
765 | 765 | ||
766 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip) | 766 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip, |
767 | const struct qstr *qstr) | ||
767 | { | 768 | { |
768 | int err; | 769 | int err; |
769 | size_t len; | 770 | size_t len; |
770 | void *value; | 771 | void *value; |
771 | char *name; | 772 | char *name; |
772 | 773 | ||
773 | err = security_inode_init_security(&ip->i_inode, &dip->i_inode, | 774 | err = security_inode_init_security(&ip->i_inode, &dip->i_inode, qstr, |
774 | &name, &value, &len); | 775 | &name, &value, &len); |
775 | 776 | ||
776 | if (err) { | 777 | if (err) { |
@@ -854,7 +855,7 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, | |||
854 | if (error) | 855 | if (error) |
855 | goto fail_gunlock2; | 856 | goto fail_gunlock2; |
856 | 857 | ||
857 | error = gfs2_security_init(dip, GFS2_I(inode)); | 858 | error = gfs2_security_init(dip, GFS2_I(inode), name); |
858 | if (error) | 859 | if (error) |
859 | goto fail_gunlock2; | 860 | goto fail_gunlock2; |
860 | 861 | ||
diff --git a/fs/jffs2/dir.c b/fs/jffs2/dir.c index 92978658ed18..82faddd1f321 100644 --- a/fs/jffs2/dir.c +++ b/fs/jffs2/dir.c | |||
@@ -215,8 +215,7 @@ static int jffs2_create(struct inode *dir_i, struct dentry *dentry, int mode, | |||
215 | no chance of AB-BA deadlock involving its f->sem). */ | 215 | no chance of AB-BA deadlock involving its f->sem). */ |
216 | mutex_unlock(&f->sem); | 216 | mutex_unlock(&f->sem); |
217 | 217 | ||
218 | ret = jffs2_do_create(c, dir_f, f, ri, | 218 | ret = jffs2_do_create(c, dir_f, f, ri, &dentry->d_name); |
219 | dentry->d_name.name, dentry->d_name.len); | ||
220 | if (ret) | 219 | if (ret) |
221 | goto fail; | 220 | goto fail; |
222 | 221 | ||
@@ -386,7 +385,7 @@ static int jffs2_symlink (struct inode *dir_i, struct dentry *dentry, const char | |||
386 | 385 | ||
387 | jffs2_complete_reservation(c); | 386 | jffs2_complete_reservation(c); |
388 | 387 | ||
389 | ret = jffs2_init_security(inode, dir_i); | 388 | ret = jffs2_init_security(inode, dir_i, &dentry->d_name); |
390 | if (ret) | 389 | if (ret) |
391 | goto fail; | 390 | goto fail; |
392 | 391 | ||
@@ -530,7 +529,7 @@ static int jffs2_mkdir (struct inode *dir_i, struct dentry *dentry, int mode) | |||
530 | 529 | ||
531 | jffs2_complete_reservation(c); | 530 | jffs2_complete_reservation(c); |
532 | 531 | ||
533 | ret = jffs2_init_security(inode, dir_i); | 532 | ret = jffs2_init_security(inode, dir_i, &dentry->d_name); |
534 | if (ret) | 533 | if (ret) |
535 | goto fail; | 534 | goto fail; |
536 | 535 | ||
@@ -703,7 +702,7 @@ static int jffs2_mknod (struct inode *dir_i, struct dentry *dentry, int mode, de | |||
703 | 702 | ||
704 | jffs2_complete_reservation(c); | 703 | jffs2_complete_reservation(c); |
705 | 704 | ||
706 | ret = jffs2_init_security(inode, dir_i); | 705 | ret = jffs2_init_security(inode, dir_i, &dentry->d_name); |
707 | if (ret) | 706 | if (ret) |
708 | goto fail; | 707 | goto fail; |
709 | 708 | ||
diff --git a/fs/jffs2/nodelist.h b/fs/jffs2/nodelist.h index 5a53d9bdb2b5..e4619b00f7c5 100644 --- a/fs/jffs2/nodelist.h +++ b/fs/jffs2/nodelist.h | |||
@@ -401,7 +401,7 @@ int jffs2_write_inode_range(struct jffs2_sb_info *c, struct jffs2_inode_info *f, | |||
401 | struct jffs2_raw_inode *ri, unsigned char *buf, | 401 | struct jffs2_raw_inode *ri, unsigned char *buf, |
402 | uint32_t offset, uint32_t writelen, uint32_t *retlen); | 402 | uint32_t offset, uint32_t writelen, uint32_t *retlen); |
403 | int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, struct jffs2_inode_info *f, | 403 | int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, struct jffs2_inode_info *f, |
404 | struct jffs2_raw_inode *ri, const char *name, int namelen); | 404 | struct jffs2_raw_inode *ri, const struct qstr *qstr); |
405 | int jffs2_do_unlink(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, const char *name, | 405 | int jffs2_do_unlink(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, const char *name, |
406 | int namelen, struct jffs2_inode_info *dead_f, uint32_t time); | 406 | int namelen, struct jffs2_inode_info *dead_f, uint32_t time); |
407 | int jffs2_do_link(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, uint32_t ino, | 407 | int jffs2_do_link(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, uint32_t ino, |
diff --git a/fs/jffs2/security.c b/fs/jffs2/security.c index 239f51216a68..cfeb7164b085 100644 --- a/fs/jffs2/security.c +++ b/fs/jffs2/security.c | |||
@@ -23,14 +23,15 @@ | |||
23 | #include "nodelist.h" | 23 | #include "nodelist.h" |
24 | 24 | ||
25 | /* ---- Initial Security Label Attachment -------------- */ | 25 | /* ---- Initial Security Label Attachment -------------- */ |
26 | int jffs2_init_security(struct inode *inode, struct inode *dir) | 26 | int jffs2_init_security(struct inode *inode, struct inode *dir, |
27 | const struct qstr *qstr) | ||
27 | { | 28 | { |
28 | int rc; | 29 | int rc; |
29 | size_t len; | 30 | size_t len; |
30 | void *value; | 31 | void *value; |
31 | char *name; | 32 | char *name; |
32 | 33 | ||
33 | rc = security_inode_init_security(inode, dir, &name, &value, &len); | 34 | rc = security_inode_init_security(inode, dir, qstr, &name, &value, &len); |
34 | if (rc) { | 35 | if (rc) { |
35 | if (rc == -EOPNOTSUPP) | 36 | if (rc == -EOPNOTSUPP) |
36 | return 0; | 37 | return 0; |
diff --git a/fs/jffs2/write.c b/fs/jffs2/write.c index c819eb0e982d..30d175b6d290 100644 --- a/fs/jffs2/write.c +++ b/fs/jffs2/write.c | |||
@@ -424,7 +424,9 @@ int jffs2_write_inode_range(struct jffs2_sb_info *c, struct jffs2_inode_info *f, | |||
424 | return ret; | 424 | return ret; |
425 | } | 425 | } |
426 | 426 | ||
427 | int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, struct jffs2_inode_info *f, struct jffs2_raw_inode *ri, const char *name, int namelen) | 427 | int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, |
428 | struct jffs2_inode_info *f, struct jffs2_raw_inode *ri, | ||
429 | const struct qstr *qstr) | ||
428 | { | 430 | { |
429 | struct jffs2_raw_dirent *rd; | 431 | struct jffs2_raw_dirent *rd; |
430 | struct jffs2_full_dnode *fn; | 432 | struct jffs2_full_dnode *fn; |
@@ -466,15 +468,15 @@ int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, str | |||
466 | mutex_unlock(&f->sem); | 468 | mutex_unlock(&f->sem); |
467 | jffs2_complete_reservation(c); | 469 | jffs2_complete_reservation(c); |
468 | 470 | ||
469 | ret = jffs2_init_security(&f->vfs_inode, &dir_f->vfs_inode); | 471 | ret = jffs2_init_security(&f->vfs_inode, &dir_f->vfs_inode, qstr); |
470 | if (ret) | 472 | if (ret) |
471 | return ret; | 473 | return ret; |
472 | ret = jffs2_init_acl_post(&f->vfs_inode); | 474 | ret = jffs2_init_acl_post(&f->vfs_inode); |
473 | if (ret) | 475 | if (ret) |
474 | return ret; | 476 | return ret; |
475 | 477 | ||
476 | ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen, | 478 | ret = jffs2_reserve_space(c, sizeof(*rd)+qstr->len, &alloclen, |
477 | ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen)); | 479 | ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(qstr->len)); |
478 | 480 | ||
479 | if (ret) { | 481 | if (ret) { |
480 | /* Eep. */ | 482 | /* Eep. */ |
@@ -493,19 +495,19 @@ int jffs2_do_create(struct jffs2_sb_info *c, struct jffs2_inode_info *dir_f, str | |||
493 | 495 | ||
494 | rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK); | 496 | rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK); |
495 | rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT); | 497 | rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT); |
496 | rd->totlen = cpu_to_je32(sizeof(*rd) + namelen); | 498 | rd->totlen = cpu_to_je32(sizeof(*rd) + qstr->len); |
497 | rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4)); | 499 | rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4)); |
498 | 500 | ||
499 | rd->pino = cpu_to_je32(dir_f->inocache->ino); | 501 | rd->pino = cpu_to_je32(dir_f->inocache->ino); |
500 | rd->version = cpu_to_je32(++dir_f->highest_version); | 502 | rd->version = cpu_to_je32(++dir_f->highest_version); |
501 | rd->ino = ri->ino; | 503 | rd->ino = ri->ino; |
502 | rd->mctime = ri->ctime; | 504 | rd->mctime = ri->ctime; |
503 | rd->nsize = namelen; | 505 | rd->nsize = qstr->len; |
504 | rd->type = DT_REG; | 506 | rd->type = DT_REG; |
505 | rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8)); | 507 | rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8)); |
506 | rd->name_crc = cpu_to_je32(crc32(0, name, namelen)); | 508 | rd->name_crc = cpu_to_je32(crc32(0, qstr->name, qstr->len)); |
507 | 509 | ||
508 | fd = jffs2_write_dirent(c, dir_f, rd, name, namelen, ALLOC_NORMAL); | 510 | fd = jffs2_write_dirent(c, dir_f, rd, qstr->name, qstr->len, ALLOC_NORMAL); |
509 | 511 | ||
510 | jffs2_free_raw_dirent(rd); | 512 | jffs2_free_raw_dirent(rd); |
511 | 513 | ||
diff --git a/fs/jffs2/xattr.h b/fs/jffs2/xattr.h index cf4f5759b42b..7be4beb306f3 100644 --- a/fs/jffs2/xattr.h +++ b/fs/jffs2/xattr.h | |||
@@ -121,10 +121,11 @@ extern ssize_t jffs2_listxattr(struct dentry *, char *, size_t); | |||
121 | #endif /* CONFIG_JFFS2_FS_XATTR */ | 121 | #endif /* CONFIG_JFFS2_FS_XATTR */ |
122 | 122 | ||
123 | #ifdef CONFIG_JFFS2_FS_SECURITY | 123 | #ifdef CONFIG_JFFS2_FS_SECURITY |
124 | extern int jffs2_init_security(struct inode *inode, struct inode *dir); | 124 | extern int jffs2_init_security(struct inode *inode, struct inode *dir, |
125 | const struct qstr *qstr); | ||
125 | extern const struct xattr_handler jffs2_security_xattr_handler; | 126 | extern const struct xattr_handler jffs2_security_xattr_handler; |
126 | #else | 127 | #else |
127 | #define jffs2_init_security(inode,dir) (0) | 128 | #define jffs2_init_security(inode,dir,qstr) (0) |
128 | #endif /* CONFIG_JFFS2_FS_SECURITY */ | 129 | #endif /* CONFIG_JFFS2_FS_SECURITY */ |
129 | 130 | ||
130 | #endif /* _JFFS2_FS_XATTR_H_ */ | 131 | #endif /* _JFFS2_FS_XATTR_H_ */ |
diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h index 88b6cc535bf2..e9e100fd7c09 100644 --- a/fs/jfs/jfs_xattr.h +++ b/fs/jfs/jfs_xattr.h | |||
@@ -62,10 +62,11 @@ extern ssize_t jfs_listxattr(struct dentry *, char *, size_t); | |||
62 | extern int jfs_removexattr(struct dentry *, const char *); | 62 | extern int jfs_removexattr(struct dentry *, const char *); |
63 | 63 | ||
64 | #ifdef CONFIG_JFS_SECURITY | 64 | #ifdef CONFIG_JFS_SECURITY |
65 | extern int jfs_init_security(tid_t, struct inode *, struct inode *); | 65 | extern int jfs_init_security(tid_t, struct inode *, struct inode *, |
66 | const struct qstr *); | ||
66 | #else | 67 | #else |
67 | static inline int jfs_init_security(tid_t tid, struct inode *inode, | 68 | static inline int jfs_init_security(tid_t tid, struct inode *inode, |
68 | struct inode *dir) | 69 | struct inode *dir, const struct qstr *qstr) |
69 | { | 70 | { |
70 | return 0; | 71 | return 0; |
71 | } | 72 | } |
diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c index 5a2b269428a6..c61600ece4fb 100644 --- a/fs/jfs/namei.c +++ b/fs/jfs/namei.c | |||
@@ -115,7 +115,7 @@ static int jfs_create(struct inode *dip, struct dentry *dentry, int mode, | |||
115 | if (rc) | 115 | if (rc) |
116 | goto out3; | 116 | goto out3; |
117 | 117 | ||
118 | rc = jfs_init_security(tid, ip, dip); | 118 | rc = jfs_init_security(tid, ip, dip, &dentry->d_name); |
119 | if (rc) { | 119 | if (rc) { |
120 | txAbort(tid, 0); | 120 | txAbort(tid, 0); |
121 | goto out3; | 121 | goto out3; |
@@ -253,7 +253,7 @@ static int jfs_mkdir(struct inode *dip, struct dentry *dentry, int mode) | |||
253 | if (rc) | 253 | if (rc) |
254 | goto out3; | 254 | goto out3; |
255 | 255 | ||
256 | rc = jfs_init_security(tid, ip, dip); | 256 | rc = jfs_init_security(tid, ip, dip, &dentry->d_name); |
257 | if (rc) { | 257 | if (rc) { |
258 | txAbort(tid, 0); | 258 | txAbort(tid, 0); |
259 | goto out3; | 259 | goto out3; |
@@ -932,7 +932,7 @@ static int jfs_symlink(struct inode *dip, struct dentry *dentry, | |||
932 | mutex_lock_nested(&JFS_IP(dip)->commit_mutex, COMMIT_MUTEX_PARENT); | 932 | mutex_lock_nested(&JFS_IP(dip)->commit_mutex, COMMIT_MUTEX_PARENT); |
933 | mutex_lock_nested(&JFS_IP(ip)->commit_mutex, COMMIT_MUTEX_CHILD); | 933 | mutex_lock_nested(&JFS_IP(ip)->commit_mutex, COMMIT_MUTEX_CHILD); |
934 | 934 | ||
935 | rc = jfs_init_security(tid, ip, dip); | 935 | rc = jfs_init_security(tid, ip, dip, &dentry->d_name); |
936 | if (rc) | 936 | if (rc) |
937 | goto out3; | 937 | goto out3; |
938 | 938 | ||
@@ -1395,7 +1395,7 @@ static int jfs_mknod(struct inode *dir, struct dentry *dentry, | |||
1395 | if (rc) | 1395 | if (rc) |
1396 | goto out3; | 1396 | goto out3; |
1397 | 1397 | ||
1398 | rc = jfs_init_security(tid, ip, dir); | 1398 | rc = jfs_init_security(tid, ip, dir, &dentry->d_name); |
1399 | if (rc) { | 1399 | if (rc) { |
1400 | txAbort(tid, 0); | 1400 | txAbort(tid, 0); |
1401 | goto out3; | 1401 | goto out3; |
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index 2d7f165d0f1d..3fa4c32272df 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c | |||
@@ -1091,7 +1091,8 @@ int jfs_removexattr(struct dentry *dentry, const char *name) | |||
1091 | } | 1091 | } |
1092 | 1092 | ||
1093 | #ifdef CONFIG_JFS_SECURITY | 1093 | #ifdef CONFIG_JFS_SECURITY |
1094 | int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir) | 1094 | int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir, |
1095 | const struct qstr *qstr) | ||
1095 | { | 1096 | { |
1096 | int rc; | 1097 | int rc; |
1097 | size_t len; | 1098 | size_t len; |
@@ -1099,7 +1100,8 @@ int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir) | |||
1099 | char *suffix; | 1100 | char *suffix; |
1100 | char *name; | 1101 | char *name; |
1101 | 1102 | ||
1102 | rc = security_inode_init_security(inode, dir, &suffix, &value, &len); | 1103 | rc = security_inode_init_security(inode, dir, qstr, &suffix, &value, |
1104 | &len); | ||
1103 | if (rc) { | 1105 | if (rc) { |
1104 | if (rc == -EOPNOTSUPP) | 1106 | if (rc == -EOPNOTSUPP) |
1105 | return 0; | 1107 | return 0; |
diff --git a/fs/namespace.c b/fs/namespace.c index d1edf26025dc..a66feed7311d 100644 --- a/fs/namespace.c +++ b/fs/namespace.c | |||
@@ -1767,6 +1767,10 @@ static int do_remount(struct path *path, int flags, int mnt_flags, | |||
1767 | if (path->dentry != path->mnt->mnt_root) | 1767 | if (path->dentry != path->mnt->mnt_root) |
1768 | return -EINVAL; | 1768 | return -EINVAL; |
1769 | 1769 | ||
1770 | err = security_sb_remount(sb, data); | ||
1771 | if (err) | ||
1772 | return err; | ||
1773 | |||
1770 | down_write(&sb->s_umount); | 1774 | down_write(&sb->s_umount); |
1771 | if (flags & MS_BIND) | 1775 | if (flags & MS_BIND) |
1772 | err = change_mount_flags(path->mnt, flags); | 1776 | err = change_mount_flags(path->mnt, flags); |
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index 849fb4a2e814..d6c25d76b537 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c | |||
@@ -293,7 +293,7 @@ static int ocfs2_mknod(struct inode *dir, | |||
293 | } | 293 | } |
294 | 294 | ||
295 | /* get security xattr */ | 295 | /* get security xattr */ |
296 | status = ocfs2_init_security_get(inode, dir, &si); | 296 | status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si); |
297 | if (status) { | 297 | if (status) { |
298 | if (status == -EOPNOTSUPP) | 298 | if (status == -EOPNOTSUPP) |
299 | si.enable = 0; | 299 | si.enable = 0; |
@@ -1665,7 +1665,7 @@ static int ocfs2_symlink(struct inode *dir, | |||
1665 | } | 1665 | } |
1666 | 1666 | ||
1667 | /* get security xattr */ | 1667 | /* get security xattr */ |
1668 | status = ocfs2_init_security_get(inode, dir, &si); | 1668 | status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si); |
1669 | if (status) { | 1669 | if (status) { |
1670 | if (status == -EOPNOTSUPP) | 1670 | if (status == -EOPNOTSUPP) |
1671 | si.enable = 0; | 1671 | si.enable = 0; |
diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c index 19ebc5aad391..35798b88042d 100644 --- a/fs/ocfs2/refcounttree.c +++ b/fs/ocfs2/refcounttree.c | |||
@@ -4328,7 +4328,8 @@ static int ocfs2_reflink(struct dentry *old_dentry, struct inode *dir, | |||
4328 | 4328 | ||
4329 | /* If the security isn't preserved, we need to re-initialize them. */ | 4329 | /* If the security isn't preserved, we need to re-initialize them. */ |
4330 | if (!preserve) { | 4330 | if (!preserve) { |
4331 | error = ocfs2_init_security_and_acl(dir, new_orphan_inode); | 4331 | error = ocfs2_init_security_and_acl(dir, new_orphan_inode, |
4332 | &new_dentry->d_name); | ||
4332 | if (error) | 4333 | if (error) |
4333 | mlog_errno(error); | 4334 | mlog_errno(error); |
4334 | } | 4335 | } |
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 67cd43914641..6bb602486c6b 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c | |||
@@ -7185,7 +7185,8 @@ out: | |||
7185 | * must not hold any lock expect i_mutex. | 7185 | * must not hold any lock expect i_mutex. |
7186 | */ | 7186 | */ |
7187 | int ocfs2_init_security_and_acl(struct inode *dir, | 7187 | int ocfs2_init_security_and_acl(struct inode *dir, |
7188 | struct inode *inode) | 7188 | struct inode *inode, |
7189 | const struct qstr *qstr) | ||
7189 | { | 7190 | { |
7190 | int ret = 0; | 7191 | int ret = 0; |
7191 | struct buffer_head *dir_bh = NULL; | 7192 | struct buffer_head *dir_bh = NULL; |
@@ -7193,7 +7194,7 @@ int ocfs2_init_security_and_acl(struct inode *dir, | |||
7193 | .enable = 1, | 7194 | .enable = 1, |
7194 | }; | 7195 | }; |
7195 | 7196 | ||
7196 | ret = ocfs2_init_security_get(inode, dir, &si); | 7197 | ret = ocfs2_init_security_get(inode, dir, qstr, &si); |
7197 | if (!ret) { | 7198 | if (!ret) { |
7198 | ret = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, | 7199 | ret = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, |
7199 | si.name, si.value, si.value_len, | 7200 | si.name, si.value, si.value_len, |
@@ -7261,13 +7262,14 @@ static int ocfs2_xattr_security_set(struct dentry *dentry, const char *name, | |||
7261 | 7262 | ||
7262 | int ocfs2_init_security_get(struct inode *inode, | 7263 | int ocfs2_init_security_get(struct inode *inode, |
7263 | struct inode *dir, | 7264 | struct inode *dir, |
7265 | const struct qstr *qstr, | ||
7264 | struct ocfs2_security_xattr_info *si) | 7266 | struct ocfs2_security_xattr_info *si) |
7265 | { | 7267 | { |
7266 | /* check whether ocfs2 support feature xattr */ | 7268 | /* check whether ocfs2 support feature xattr */ |
7267 | if (!ocfs2_supports_xattr(OCFS2_SB(dir->i_sb))) | 7269 | if (!ocfs2_supports_xattr(OCFS2_SB(dir->i_sb))) |
7268 | return -EOPNOTSUPP; | 7270 | return -EOPNOTSUPP; |
7269 | return security_inode_init_security(inode, dir, &si->name, &si->value, | 7271 | return security_inode_init_security(inode, dir, qstr, &si->name, |
7270 | &si->value_len); | 7272 | &si->value, &si->value_len); |
7271 | } | 7273 | } |
7272 | 7274 | ||
7273 | int ocfs2_init_security_set(handle_t *handle, | 7275 | int ocfs2_init_security_set(handle_t *handle, |
diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h index aa64bb37a65b..d63cfb72316b 100644 --- a/fs/ocfs2/xattr.h +++ b/fs/ocfs2/xattr.h | |||
@@ -57,6 +57,7 @@ int ocfs2_has_inline_xattr_value_outside(struct inode *inode, | |||
57 | struct ocfs2_dinode *di); | 57 | struct ocfs2_dinode *di); |
58 | int ocfs2_xattr_remove(struct inode *, struct buffer_head *); | 58 | int ocfs2_xattr_remove(struct inode *, struct buffer_head *); |
59 | int ocfs2_init_security_get(struct inode *, struct inode *, | 59 | int ocfs2_init_security_get(struct inode *, struct inode *, |
60 | const struct qstr *, | ||
60 | struct ocfs2_security_xattr_info *); | 61 | struct ocfs2_security_xattr_info *); |
61 | int ocfs2_init_security_set(handle_t *, struct inode *, | 62 | int ocfs2_init_security_set(handle_t *, struct inode *, |
62 | struct buffer_head *, | 63 | struct buffer_head *, |
@@ -94,5 +95,6 @@ int ocfs2_reflink_xattrs(struct inode *old_inode, | |||
94 | struct buffer_head *new_bh, | 95 | struct buffer_head *new_bh, |
95 | bool preserve_security); | 96 | bool preserve_security); |
96 | int ocfs2_init_security_and_acl(struct inode *dir, | 97 | int ocfs2_init_security_and_acl(struct inode *dir, |
97 | struct inode *inode); | 98 | struct inode *inode, |
99 | const struct qstr *qstr); | ||
98 | #endif /* OCFS2_XATTR_H */ | 100 | #endif /* OCFS2_XATTR_H */ |
@@ -701,7 +701,8 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt, | |||
701 | if (error) | 701 | if (error) |
702 | goto cleanup_all; | 702 | goto cleanup_all; |
703 | } | 703 | } |
704 | ima_counts_get(f); | 704 | if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
705 | i_readcount_inc(inode); | ||
705 | 706 | ||
706 | f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); | 707 | f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); |
707 | 708 | ||
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 8eb2522111c5..f50133c11c24 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c | |||
@@ -32,7 +32,6 @@ static struct inode *proc_sys_make_inode(struct super_block *sb, | |||
32 | ei->sysctl_entry = table; | 32 | ei->sysctl_entry = table; |
33 | 33 | ||
34 | inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; | 34 | inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; |
35 | inode->i_flags |= S_PRIVATE; /* tell selinux to ignore this inode */ | ||
36 | inode->i_mode = table->mode; | 35 | inode->i_mode = table->mode; |
37 | if (!table->child) { | 36 | if (!table->child) { |
38 | inode->i_mode |= S_IFREG; | 37 | inode->i_mode |= S_IFREG; |
diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index 68fdf45cc6c9..82f45542dcfc 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c | |||
@@ -593,7 +593,7 @@ static int reiserfs_create(struct inode *dir, struct dentry *dentry, int mode, | |||
593 | new_inode_init(inode, dir, mode); | 593 | new_inode_init(inode, dir, mode); |
594 | 594 | ||
595 | jbegin_count += reiserfs_cache_default_acl(dir); | 595 | jbegin_count += reiserfs_cache_default_acl(dir); |
596 | retval = reiserfs_security_init(dir, inode, &security); | 596 | retval = reiserfs_security_init(dir, inode, &dentry->d_name, &security); |
597 | if (retval < 0) { | 597 | if (retval < 0) { |
598 | drop_new_inode(inode); | 598 | drop_new_inode(inode); |
599 | return retval; | 599 | return retval; |
@@ -667,7 +667,7 @@ static int reiserfs_mknod(struct inode *dir, struct dentry *dentry, int mode, | |||
667 | new_inode_init(inode, dir, mode); | 667 | new_inode_init(inode, dir, mode); |
668 | 668 | ||
669 | jbegin_count += reiserfs_cache_default_acl(dir); | 669 | jbegin_count += reiserfs_cache_default_acl(dir); |
670 | retval = reiserfs_security_init(dir, inode, &security); | 670 | retval = reiserfs_security_init(dir, inode, &dentry->d_name, &security); |
671 | if (retval < 0) { | 671 | if (retval < 0) { |
672 | drop_new_inode(inode); | 672 | drop_new_inode(inode); |
673 | return retval; | 673 | return retval; |
@@ -747,7 +747,7 @@ static int reiserfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) | |||
747 | new_inode_init(inode, dir, mode); | 747 | new_inode_init(inode, dir, mode); |
748 | 748 | ||
749 | jbegin_count += reiserfs_cache_default_acl(dir); | 749 | jbegin_count += reiserfs_cache_default_acl(dir); |
750 | retval = reiserfs_security_init(dir, inode, &security); | 750 | retval = reiserfs_security_init(dir, inode, &dentry->d_name, &security); |
751 | if (retval < 0) { | 751 | if (retval < 0) { |
752 | drop_new_inode(inode); | 752 | drop_new_inode(inode); |
753 | return retval; | 753 | return retval; |
@@ -1032,7 +1032,8 @@ static int reiserfs_symlink(struct inode *parent_dir, | |||
1032 | } | 1032 | } |
1033 | new_inode_init(inode, parent_dir, mode); | 1033 | new_inode_init(inode, parent_dir, mode); |
1034 | 1034 | ||
1035 | retval = reiserfs_security_init(parent_dir, inode, &security); | 1035 | retval = reiserfs_security_init(parent_dir, inode, &dentry->d_name, |
1036 | &security); | ||
1036 | if (retval < 0) { | 1037 | if (retval < 0) { |
1037 | drop_new_inode(inode); | 1038 | drop_new_inode(inode); |
1038 | return retval; | 1039 | return retval; |
diff --git a/fs/reiserfs/xattr_security.c b/fs/reiserfs/xattr_security.c index 237c6928d3c6..ef66c18a9332 100644 --- a/fs/reiserfs/xattr_security.c +++ b/fs/reiserfs/xattr_security.c | |||
@@ -54,6 +54,7 @@ static size_t security_list(struct dentry *dentry, char *list, size_t list_len, | |||
54 | * of blocks needed for the transaction. If successful, reiserfs_security | 54 | * of blocks needed for the transaction. If successful, reiserfs_security |
55 | * must be released using reiserfs_security_free when the caller is done. */ | 55 | * must be released using reiserfs_security_free when the caller is done. */ |
56 | int reiserfs_security_init(struct inode *dir, struct inode *inode, | 56 | int reiserfs_security_init(struct inode *dir, struct inode *inode, |
57 | const struct qstr *qstr, | ||
57 | struct reiserfs_security_handle *sec) | 58 | struct reiserfs_security_handle *sec) |
58 | { | 59 | { |
59 | int blocks = 0; | 60 | int blocks = 0; |
@@ -65,7 +66,7 @@ int reiserfs_security_init(struct inode *dir, struct inode *inode, | |||
65 | if (IS_PRIVATE(dir)) | 66 | if (IS_PRIVATE(dir)) |
66 | return 0; | 67 | return 0; |
67 | 68 | ||
68 | error = security_inode_init_security(inode, dir, &sec->name, | 69 | error = security_inode_init_security(inode, dir, qstr, &sec->name, |
69 | &sec->value, &sec->length); | 70 | &sec->value, &sec->length); |
70 | if (error) { | 71 | if (error) { |
71 | if (error == -EOPNOTSUPP) | 72 | if (error == -EOPNOTSUPP) |
diff --git a/fs/xfs/linux-2.6/xfs_iops.c b/fs/xfs/linux-2.6/xfs_iops.c index bd5727852fd6..9ff7fc603d2f 100644 --- a/fs/xfs/linux-2.6/xfs_iops.c +++ b/fs/xfs/linux-2.6/xfs_iops.c | |||
@@ -102,7 +102,8 @@ xfs_mark_inode_dirty( | |||
102 | STATIC int | 102 | STATIC int |
103 | xfs_init_security( | 103 | xfs_init_security( |
104 | struct inode *inode, | 104 | struct inode *inode, |
105 | struct inode *dir) | 105 | struct inode *dir, |
106 | const struct qstr *qstr) | ||
106 | { | 107 | { |
107 | struct xfs_inode *ip = XFS_I(inode); | 108 | struct xfs_inode *ip = XFS_I(inode); |
108 | size_t length; | 109 | size_t length; |
@@ -110,7 +111,7 @@ xfs_init_security( | |||
110 | unsigned char *name; | 111 | unsigned char *name; |
111 | int error; | 112 | int error; |
112 | 113 | ||
113 | error = security_inode_init_security(inode, dir, (char **)&name, | 114 | error = security_inode_init_security(inode, dir, qstr, (char **)&name, |
114 | &value, &length); | 115 | &value, &length); |
115 | if (error) { | 116 | if (error) { |
116 | if (error == -EOPNOTSUPP) | 117 | if (error == -EOPNOTSUPP) |
@@ -194,7 +195,7 @@ xfs_vn_mknod( | |||
194 | 195 | ||
195 | inode = VFS_I(ip); | 196 | inode = VFS_I(ip); |
196 | 197 | ||
197 | error = xfs_init_security(inode, dir); | 198 | error = xfs_init_security(inode, dir, &dentry->d_name); |
198 | if (unlikely(error)) | 199 | if (unlikely(error)) |
199 | goto out_cleanup_inode; | 200 | goto out_cleanup_inode; |
200 | 201 | ||
@@ -367,7 +368,7 @@ xfs_vn_symlink( | |||
367 | 368 | ||
368 | inode = VFS_I(cip); | 369 | inode = VFS_I(cip); |
369 | 370 | ||
370 | error = xfs_init_security(inode, dir); | 371 | error = xfs_init_security(inode, dir, &dentry->d_name); |
371 | if (unlikely(error)) | 372 | if (unlikely(error)) |
372 | goto out_cleanup_inode; | 373 | goto out_cleanup_inode; |
373 | 374 | ||