[people/pmueller/ipfire-2.x.git] / src / patches / suse-2.6.27.25 / patches.apparmor / security-setattr.diff

From: Tony Jones <tonyj@suse.de>
Subject: Pass struct vfsmount to the inode_setattr LSM hook

This is needed for computing pathnames in the AppArmor LSM.

Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>

---
 fs/attr.c                  |    4 ++--
 fs/fat/file.c              |    2 +-
 include/linux/security.h   |   10 +++++++---
 security/capability.c      |    3 ++-
 security/security.c        |    5 +++--
 security/selinux/hooks.c   |    5 +++--
 security/smack/smack_lsm.c |    3 ++-
 7 files changed, 20 insertions(+), 12 deletions(-)

--- a/fs/attr.c
+++ b/fs/attr.c
@@ -164,13 +164,13 @@ int notify_change(struct dentry *dentry,
 		down_write(&dentry->d_inode->i_alloc_sem);
 
 	if (inode->i_op && inode->i_op->setattr) {
-		error = security_inode_setattr(dentry, attr);
+		error = security_inode_setattr(dentry, mnt, attr);
 		if (!error)
 			error = inode->i_op->setattr(dentry, attr);
 	} else {
 		error = inode_change_ok(inode, attr);
 		if (!error)
-			error = security_inode_setattr(dentry, attr);
+			error = security_inode_setattr(dentry, mnt, attr);
 		if (!error) {
 			if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
 			    (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
--- a/fs/fat/file.c
+++ b/fs/fat/file.c
@@ -98,7 +98,7 @@ int fat_generic_ioctl(struct inode *inod
 		 * out the RO attribute for checking by the security
 		 * module, just because it maps to a file mode.
 		 */
-		err = security_inode_setattr(filp->f_path.dentry, &ia);
+		err = security_inode_setattr(filp->f_path.dentry, filp->f_path.mnt, &ia);
 		if (err)
 			goto up;
 
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -412,6 +412,7 @@ static inline void security_free_mnt_opt
  *	file attributes change (such as when a file is truncated, chown/chmod
  *	operations, transferring disk quotas, etc).
  *	@dentry contains the dentry structure for the file.
+ *	@mnt is the vfsmount corresponding to @dentry (may be NULL).
  *	@attr is the iattr structure containing the new file attributes.
  *	Return 0 if permission is granted.
  * @inode_getattr:
@@ -1371,7 +1372,8 @@ struct security_operations {
 	int (*inode_readlink) (struct dentry *dentry);
 	int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
 	int (*inode_permission) (struct inode *inode, int mask);
-	int (*inode_setattr)	(struct dentry *dentry, struct iattr *attr);
+	int (*inode_setattr)	(struct dentry *dentry, struct vfsmount *,
+				 struct iattr *attr);
 	int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
 	void (*inode_delete) (struct inode *inode);
 	int (*inode_setxattr) (struct dentry *dentry, const char *name,
@@ -1638,7 +1640,8 @@ int security_inode_rename(struct inode *
 int security_inode_readlink(struct dentry *dentry);
 int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
 int security_inode_permission(struct inode *inode, int mask);
-int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
+int security_inode_setattr(struct dentry *dentry, struct vfsmount *mnt,
+			   struct iattr *attr);
 int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
 void security_inode_delete(struct inode *inode);
 int security_inode_setxattr(struct dentry *dentry, const char *name,
@@ -2041,7 +2044,8 @@ static inline int security_inode_permiss
 }
 
 static inline int security_inode_setattr(struct dentry *dentry,
-					  struct iattr *attr)
+					 struct vfsmount *mnt,
+					 struct iattr *attr)
 {
 	return 0;
 }
--- a/security/capability.c
+++ b/security/capability.c
@@ -216,7 +216,8 @@ static int cap_inode_permission(struct i
 	return 0;
 }
 
-static int cap_inode_setattr(struct dentry *dentry, struct iattr *iattr)
+static int cap_inode_setattr(struct dentry *dentry, struct vfsmount *mnt,
+			     struct iattr *iattr)
 {
 	return 0;
 }
--- a/security/security.c
+++ b/security/security.c
@@ -441,11 +441,12 @@ int security_inode_permission(struct ino
 	return security_ops->inode_permission(inode, mask);
 }
 
-int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
+int security_inode_setattr(struct dentry *dentry, struct vfsmount *mnt,
+			   struct iattr *attr)
 {
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return 0;
-	return security_ops->inode_setattr(dentry, attr);
+	return security_ops->inode_setattr(dentry, mnt, attr);
 }
 EXPORT_SYMBOL_GPL(security_inode_setattr);
 
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2656,11 +2656,12 @@ static int selinux_inode_permission(stru
 			       open_file_mask_to_av(inode->i_mode, mask), NULL);
 }
 
-static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
+static int selinux_inode_setattr(struct dentry *dentry, struct vfsmount *mnt,
+				 struct iattr *iattr)
 {
 	int rc;
 
-	rc = secondary_ops->inode_setattr(dentry, iattr);
+	rc = secondary_ops->inode_setattr(dentry, mnt, iattr);
 	if (rc)
 		return rc;
 
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -559,7 +559,8 @@ static int smack_inode_permission(struct
  *
  * Returns 0 if access is permitted, an error code otherwise
  */
-static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
+static int smack_inode_setattr(struct dentry *dentry, struct vfsmount *mnt,
+			       struct iattr *iattr)
 {
 	/*
 	 * Need to allow for clearing the setuid bit.
Commit	Line	Data
8f69975d BS	1	From: Tony Jones <tonyj@suse.de>
	2	Subject: Pass struct vfsmount to the inode_setattr LSM hook
	3
	4	This is needed for computing pathnames in the AppArmor LSM.
	5
	6	Signed-off-by: Tony Jones <tonyj@suse.de>
	7	Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
	8	Signed-off-by: John Johansen <jjohansen@suse.de>
	9
	10	---
	11	fs/attr.c \| 4 ++--
	12	fs/fat/file.c \| 2 +-
	13	include/linux/security.h \| 10 +++++++---
	14	security/capability.c \| 3 ++-
	15	security/security.c \| 5 +++--
	16	security/selinux/hooks.c \| 5 +++--
	17	security/smack/smack_lsm.c \| 3 ++-
	18	7 files changed, 20 insertions(+), 12 deletions(-)
	19
	20	--- a/fs/attr.c
	21	+++ b/fs/attr.c
	22	@@ -164,13 +164,13 @@ int notify_change(struct dentry *dentry,
	23	down_write(&dentry->d_inode->i_alloc_sem);
	24
	25	if (inode->i_op && inode->i_op->setattr) {
	26	- error = security_inode_setattr(dentry, attr);
	27	+ error = security_inode_setattr(dentry, mnt, attr);
	28	if (!error)
	29	error = inode->i_op->setattr(dentry, attr);
	30	} else {
	31	error = inode_change_ok(inode, attr);
	32	if (!error)
	33	- error = security_inode_setattr(dentry, attr);
	34	+ error = security_inode_setattr(dentry, mnt, attr);
	35	if (!error) {
	36	if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) \|\|
	37	(ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
	38	--- a/fs/fat/file.c
	39	+++ b/fs/fat/file.c
	40	@@ -98,7 +98,7 @@ int fat_generic_ioctl(struct inode *inod
	41	* out the RO attribute for checking by the security
	42	* module, just because it maps to a file mode.
	43	*/
	44	- err = security_inode_setattr(filp->f_path.dentry, &ia);
	45	+ err = security_inode_setattr(filp->f_path.dentry, filp->f_path.mnt, &ia);
	46	if (err)
	47	goto up;
	48
	49	--- a/include/linux/security.h
	50	+++ b/include/linux/security.h
	51	@@ -412,6 +412,7 @@ static inline void security_free_mnt_opt
	52	* file attributes change (such as when a file is truncated, chown/chmod
	53	* operations, transferring disk quotas, etc).
	54	* @dentry contains the dentry structure for the file.
	55	+ * @mnt is the vfsmount corresponding to @dentry (may be NULL).
	56	* @attr is the iattr structure containing the new file attributes.
	57	* Return 0 if permission is granted.
	58	* @inode_getattr:
	59	@@ -1371,7 +1372,8 @@ struct security_operations {
	60	int (inode_readlink) (struct dentry dentry);
	61	int (inode_follow_link) (struct dentry dentry, struct nameidata *nd);
	62	int (inode_permission) (struct inode inode, int mask);
	63	- int (inode_setattr) (struct dentry dentry, struct iattr *attr);
	64	+ int (inode_setattr) (struct dentry dentry, struct vfsmount *,
65	+ struct iattr *attr);
66	int (inode_getattr) (struct vfsmount mnt, struct dentry *dentry);
67	void (inode_delete) (struct inode inode);
68	int (inode_setxattr) (struct dentry dentry, const char *name,
69	@@ -1638,7 +1640,8 @@ int security_inode_rename(struct inode *
70	int security_inode_readlink(struct dentry *dentry);
71	int security_inode_follow_link(struct dentry dentry, struct nameidata nd);
72	int security_inode_permission(struct inode *inode, int mask);
73	-int security_inode_setattr(struct dentry dentry, struct iattr attr);
74	+int security_inode_setattr(struct dentry dentry, struct vfsmount mnt,
75	+ struct iattr *attr);
76	int security_inode_getattr(struct vfsmount mnt, struct dentry dentry);
77	void security_inode_delete(struct inode *inode);
78	int security_inode_setxattr(struct dentry dentry, const char name,
79	@@ -2041,7 +2044,8 @@ static inline int security_inode_permiss
80	}
81
82	static inline int security_inode_setattr(struct dentry *dentry,
83	- struct iattr *attr)
84	+ struct vfsmount *mnt,
85	+ struct iattr *attr)
86	{
87	return 0;
88	}
89	--- a/security/capability.c
90	+++ b/security/capability.c
91	@@ -216,7 +216,8 @@ static int cap_inode_permission(struct i
92	return 0;
93	}
94
95	-static int cap_inode_setattr(struct dentry dentry, struct iattr iattr)
96	+static int cap_inode_setattr(struct dentry dentry, struct vfsmount mnt,
97	+ struct iattr *iattr)
98	{
99	return 0;
100	}
101	--- a/security/security.c
102	+++ b/security/security.c
103	@@ -441,11 +441,12 @@ int security_inode_permission(struct ino
104	return security_ops->inode_permission(inode, mask);
105	}
106
107	-int security_inode_setattr(struct dentry dentry, struct iattr attr)
108	+int security_inode_setattr(struct dentry dentry, struct vfsmount mnt,
109	+ struct iattr *attr)
110	{
111	if (unlikely(IS_PRIVATE(dentry->d_inode)))
112	return 0;
113	- return security_ops->inode_setattr(dentry, attr);
114	+ return security_ops->inode_setattr(dentry, mnt, attr);
115	}
116	EXPORT_SYMBOL_GPL(security_inode_setattr);
117
118	--- a/security/selinux/hooks.c
119	+++ b/security/selinux/hooks.c
120	@@ -2656,11 +2656,12 @@ static int selinux_inode_permission(stru
121	open_file_mask_to_av(inode->i_mode, mask), NULL);
122	}
123
124	-static int selinux_inode_setattr(struct dentry dentry, struct iattr iattr)
125	+static int selinux_inode_setattr(struct dentry dentry, struct vfsmount mnt,
126	+ struct iattr *iattr)
127	{
128	int rc;
129
130	- rc = secondary_ops->inode_setattr(dentry, iattr);
131	+ rc = secondary_ops->inode_setattr(dentry, mnt, iattr);
132	if (rc)
133	return rc;
134
135	--- a/security/smack/smack_lsm.c
136	+++ b/security/smack/smack_lsm.c
137	@@ -559,7 +559,8 @@ static int smack_inode_permission(struct
138	*
139	* Returns 0 if access is permitted, an error code otherwise
140	*/
141	-static int smack_inode_setattr(struct dentry dentry, struct iattr iattr)
142	+static int smack_inode_setattr(struct dentry dentry, struct vfsmount mnt,
143	+ struct iattr *iattr)
144	{
145	/*
146	* Need to allow for clearing the setuid bit.