1 files changed, 17 insertions, 4 deletions

diff --git a/security/security.c b/security/security.c
index e8c87b8601b4..c53949f17d9e 100644
--- a/security/security.c
+++ b/security/security.c
@@ -619,7 +619,13 @@ void security_inode_getsecid(const struct inode *inode, u32 *secid)
 
 int security_file_permission(struct file *file, int mask)
 {
-        return security_ops->file_permission(file, mask);
+        int ret;
+
+        ret = security_ops->file_permission(file, mask);
+        if (ret)
+                return ret;
+
+        return fsnotify_perm(file, mask);
 }
 
 int security_file_alloc(struct file *file)
@@ -683,7 +689,13 @@ int security_file_receive(struct file *file)
 
 int security_dentry_open(struct file *file, const struct cred *cred)
 {
-        return security_ops->dentry_open(file, cred);
+        int ret;
+
+        ret = security_ops->dentry_open(file, cred);
+        if (ret)
+                return ret;
+
+        return fsnotify_perm(file, MAY_OPEN);
 }
 
 int security_task_create(unsigned long clone_flags)
@@ -768,9 +780,10 @@ int security_task_getioprio(struct task_struct *p)
         return security_ops->task_getioprio(p);
 }
 
-int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
+int security_task_setrlimit(struct task_struct *p, unsigned int resource,
+                struct rlimit *new_rlim)
 {
-        return security_ops->task_setrlimit(resource, new_rlim);
+        return security_ops->task_setrlimit(p, resource, new_rlim);
 }
 
 int security_task_setscheduler(struct task_struct *p,