[people/pmueller/ipfire-2.x.git] / src / patches / suse-2.6.27.25 / patches.apparmor / security-unlink.diff

From: Tony Jones <tonyj@suse.de>
Subject: Pass struct vfsmount to the inode_unlink LSM hook

This is needed for computing pathnames in the AppArmor LSM.

Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>

---
 fs/namei.c                 |    2 +-
 include/linux/security.h   |   10 +++++++---
 security/capability.c      |    3 ++-
 security/security.c        |    5 +++--
 security/selinux/hooks.c   |    5 +++--
 security/smack/smack_lsm.c |    4 +++-
 6 files changed, 19 insertions(+), 10 deletions(-)

--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2264,7 +2264,7 @@ int vfs_unlink(struct inode *dir, struct
 	if (d_mountpoint(dentry))
 		error = -EBUSY;
 	else {
-		error = security_inode_unlink(dir, dentry);
+		error = security_inode_unlink(dir, dentry, mnt);
 		if (!error)
 			error = dir->i_op->unlink(dir, dentry);
 	}
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -352,6 +352,7 @@ static inline void security_free_mnt_opt
  *	Check the permission to remove a hard link to a file.
  *	@dir contains the inode structure of parent directory of the file.
  *	@dentry contains the dentry structure for file to be unlinked.
+ *	@mnt is the vfsmount corresponding to @dentry (may be NULL).
  *	Return 0 if permission is granted.
  * @inode_symlink:
  *	Check the permission to create a symbolic link to a file.
@@ -1368,7 +1369,8 @@ struct security_operations {
 	int (*inode_link) (struct dentry *old_dentry, struct vfsmount *old_mnt,
 	                   struct inode *dir, struct dentry *new_dentry,
 			   struct vfsmount *new_mnt);
-	int (*inode_unlink) (struct inode *dir, struct dentry *dentry);
+	int (*inode_unlink) (struct inode *dir, struct dentry *dentry,
+			     struct vfsmount *mnt);
 	int (*inode_symlink) (struct inode *dir, struct dentry *dentry,
 			      struct vfsmount *mnt, const char *old_name);
 	int (*inode_mkdir) (struct inode *dir, struct dentry *dentry,
@@ -1640,7 +1642,8 @@ int security_inode_create(struct inode *
 int security_inode_link(struct dentry *old_dentry, struct vfsmount *old_mnt,
 			struct inode *dir, struct dentry *new_dentry,
 			struct vfsmount *new_mnt);
-int security_inode_unlink(struct inode *dir, struct dentry *dentry);
+int security_inode_unlink(struct inode *dir, struct dentry *dentry,
+			  struct vfsmount *mnt);
 int security_inode_symlink(struct inode *dir, struct dentry *dentry,
 			   struct vfsmount *mnt, const char *old_name);
 int security_inode_mkdir(struct inode *dir, struct dentry *dentry,
@@ -2003,7 +2006,8 @@ static inline int security_inode_link(st
 }
 
 static inline int security_inode_unlink(struct inode *dir,
-					 struct dentry *dentry)
+					struct dentry *dentry,
+					struct vfsmount *mnt)
 {
 	return 0;
 }
--- a/security/capability.c
+++ b/security/capability.c
@@ -167,7 +167,8 @@ static int cap_inode_link(struct dentry 
 	return 0;
 }
 
-static int cap_inode_unlink(struct inode *inode, struct dentry *dentry)
+static int cap_inode_unlink(struct inode *inode, struct dentry *dentry,
+			    struct vfsmount *mnt)
 {
 	return 0;
 }
--- a/security/security.c
+++ b/security/security.c
@@ -376,11 +376,12 @@ int security_inode_link(struct dentry *o
 					 new_dentry, new_mnt);
 }
 
-int security_inode_unlink(struct inode *dir, struct dentry *dentry)
+int security_inode_unlink(struct inode *dir, struct dentry *dentry,
+			  struct vfsmount *mnt)
 {
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return 0;
-	return security_ops->inode_unlink(dir, dentry);
+	return security_ops->inode_unlink(dir, dentry, mnt);
 }
 
 int security_inode_symlink(struct inode *dir, struct dentry *dentry,
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2587,11 +2587,12 @@ static int selinux_inode_link(struct den
 	return may_link(dir, old_dentry, MAY_LINK);
 }
 
-static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry)
+static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry,
+			        struct vfsmount *mnt)
 {
 	int rc;
 
-	rc = secondary_ops->inode_unlink(dir, dentry);
+	rc = secondary_ops->inode_unlink(dir, dentry, mnt);
 	if (rc)
 		return rc;
 	return may_link(dir, dentry, MAY_UNLINK);
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -454,11 +454,13 @@ static int smack_inode_link(struct dentr
  * smack_inode_unlink - Smack check on inode deletion
  * @dir: containing directory object
  * @dentry: file to unlink
+ * @mnt: vfsmount of file to unlink
  *
  * Returns 0 if current can write the containing directory
  * and the object, error code otherwise
  */
-static int smack_inode_unlink(struct inode *dir, struct dentry *dentry)
+static int smack_inode_unlink(struct inode *dir, struct dentry *dentry,
+			      struct vfsmount *mnt)
 {
 	struct inode *ip = dentry->d_inode;
 	int rc;
Commit	Line	Data
8f69975d BS	1	From: Tony Jones <tonyj@suse.de>
	2	Subject: Pass struct vfsmount to the inode_unlink LSM hook
	3
	4	This is needed for computing pathnames in the AppArmor LSM.
	5
	6	Signed-off-by: Tony Jones <tonyj@suse.de>
	7	Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
	8	Signed-off-by: John Johansen <jjohansen@suse.de>
	9
	10	---
	11	fs/namei.c \| 2 +-
	12	include/linux/security.h \| 10 +++++++---
	13	security/capability.c \| 3 ++-
	14	security/security.c \| 5 +++--
	15	security/selinux/hooks.c \| 5 +++--
	16	security/smack/smack_lsm.c \| 4 +++-
	17	6 files changed, 19 insertions(+), 10 deletions(-)
	18
	19	--- a/fs/namei.c
	20	+++ b/fs/namei.c
	21	@@ -2264,7 +2264,7 @@ int vfs_unlink(struct inode *dir, struct
	22	if (d_mountpoint(dentry))
	23	error = -EBUSY;
	24	else {
	25	- error = security_inode_unlink(dir, dentry);
	26	+ error = security_inode_unlink(dir, dentry, mnt);
	27	if (!error)
	28	error = dir->i_op->unlink(dir, dentry);
	29	}
	30	--- a/include/linux/security.h
	31	+++ b/include/linux/security.h
	32	@@ -352,6 +352,7 @@ static inline void security_free_mnt_opt
	33	* Check the permission to remove a hard link to a file.
	34	* @dir contains the inode structure of parent directory of the file.
	35	* @dentry contains the dentry structure for file to be unlinked.
	36	+ * @mnt is the vfsmount corresponding to @dentry (may be NULL).
	37	* Return 0 if permission is granted.
	38	* @inode_symlink:
	39	* Check the permission to create a symbolic link to a file.
	40	@@ -1368,7 +1369,8 @@ struct security_operations {
	41	int (inode_link) (struct dentry old_dentry, struct vfsmount *old_mnt,
	42	struct inode dir, struct dentry new_dentry,
	43	struct vfsmount *new_mnt);
	44	- int (inode_unlink) (struct inode dir, struct dentry *dentry);
	45	+ int (inode_unlink) (struct inode dir, struct dentry *dentry,
	46	+ struct vfsmount *mnt);
	47	int (inode_symlink) (struct inode dir, struct dentry *dentry,
	48	struct vfsmount mnt, const char old_name);
	49	int (inode_mkdir) (struct inode dir, struct dentry *dentry,
	50	@@ -1640,7 +1642,8 @@ int security_inode_create(struct inode *
	51	int security_inode_link(struct dentry old_dentry, struct vfsmount old_mnt,
	52	struct inode dir, struct dentry new_dentry,
	53	struct vfsmount *new_mnt);
	54	-int security_inode_unlink(struct inode dir, struct dentry dentry);
	55	+int security_inode_unlink(struct inode dir, struct dentry dentry,
	56	+ struct vfsmount *mnt);
	57	int security_inode_symlink(struct inode dir, struct dentry dentry,
	58	struct vfsmount mnt, const char old_name);
	59	int security_inode_mkdir(struct inode dir, struct dentry dentry,
	60	@@ -2003,7 +2006,8 @@ static inline int security_inode_link(st
	61	}
	62
	63	static inline int security_inode_unlink(struct inode *dir,
	64	- struct dentry *dentry)
65	+ struct dentry *dentry,
66	+ struct vfsmount *mnt)
67	{
68	return 0;
69	}
70	--- a/security/capability.c
71	+++ b/security/capability.c
72	@@ -167,7 +167,8 @@ static int cap_inode_link(struct dentry
73	return 0;
74	}
75
76	-static int cap_inode_unlink(struct inode inode, struct dentry dentry)
77	+static int cap_inode_unlink(struct inode inode, struct dentry dentry,
78	+ struct vfsmount *mnt)
79	{
80	return 0;
81	}
82	--- a/security/security.c
83	+++ b/security/security.c
84	@@ -376,11 +376,12 @@ int security_inode_link(struct dentry *o
85	new_dentry, new_mnt);
86	}
87
88	-int security_inode_unlink(struct inode dir, struct dentry dentry)
89	+int security_inode_unlink(struct inode dir, struct dentry dentry,
90	+ struct vfsmount *mnt)
91	{
92	if (unlikely(IS_PRIVATE(dentry->d_inode)))
93	return 0;
94	- return security_ops->inode_unlink(dir, dentry);
95	+ return security_ops->inode_unlink(dir, dentry, mnt);
96	}
97
98	int security_inode_symlink(struct inode dir, struct dentry dentry,
99	--- a/security/selinux/hooks.c
100	+++ b/security/selinux/hooks.c
101	@@ -2587,11 +2587,12 @@ static int selinux_inode_link(struct den
102	return may_link(dir, old_dentry, MAY_LINK);
103	}
104
105	-static int selinux_inode_unlink(struct inode dir, struct dentry dentry)
106	+static int selinux_inode_unlink(struct inode dir, struct dentry dentry,
107	+ struct vfsmount *mnt)
108	{
109	int rc;
110
111	- rc = secondary_ops->inode_unlink(dir, dentry);
112	+ rc = secondary_ops->inode_unlink(dir, dentry, mnt);
113	if (rc)
114	return rc;
115	return may_link(dir, dentry, MAY_UNLINK);
116	--- a/security/smack/smack_lsm.c
117	+++ b/security/smack/smack_lsm.c
118	@@ -454,11 +454,13 @@ static int smack_inode_link(struct dentr
119	* smack_inode_unlink - Smack check on inode deletion
120	* @dir: containing directory object
121	* @dentry: file to unlink
122	+ * @mnt: vfsmount of file to unlink
123	*
124	* Returns 0 if current can write the containing directory
125	* and the object, error code otherwise
126	*/
127	-static int smack_inode_unlink(struct inode dir, struct dentry dentry)
128	+static int smack_inode_unlink(struct inode dir, struct dentry dentry,
129	+ struct vfsmount *mnt)
130	{
131	struct inode *ip = dentry->d_inode;
132	int rc;