1 | From: Andreas Gruenbacher <agruen@suse.de> |
2 | Subject: Enable LSM hooks to distinguish operations on file descriptors from operations on pathnames | |
3 | ||
4 | Struct iattr already contains ia_file since commit cc4e69de from | |
5 | Miklos (which is related to commit befc649c). Use this to pass | |
6 | struct file down the setattr hooks. This allows LSMs to distinguish | |
7 | operations on file descriptors from operations on paths. | |
8 | ||
9 | Signed-off-by: Andreas Gruenbacher <agruen@suse.de> | |
10 | Signed-off-by: John Johansen <jjohansen@suse.de> | |
11 | Cc: Miklos Szeredi <mszeredi@suse.cz> | |
12 | ||
13 | --- | |
14 | fs/nfsd/vfs.c | 12 +++++++----- | |
15 | fs/open.c | 5 ++++- | |
16 | 2 files changed, 11 insertions(+), 6 deletions(-) | |
17 | ||
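--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -425,7 +425,7 @@ static ssize_t nfsd_getxattr(struct dent
 {
 ssize_t buflen;
 
- buflen = vfs_getxattr(dentry, mnt, key, NULL, 0);
+ buflen = vfs_getxattr(dentry, mnt, key, NULL, 0, NULL);
 if (buflen <= 0)
 return buflen;
 
@@ -433,7 +433,7 @@ static ssize_t nfsd_getxattr(struct dent
 if (!*buf)
 return -ENOMEM;
 
- return vfs_getxattr(dentry, mnt, key, *buf, buflen);
+ return vfs_getxattr(dentry, mnt, key, *buf, buflen, NULL);
 }
 #endif
 
@@ -459,7 +459,7 @@ set_nfsv4_acl_one(struct dentry *dentry,
 goto out;
 }
 
- error = vfs_setxattr(dentry, mnt, key, buf, len, 0);
+ error = vfs_setxattr(dentry, mnt, key, buf, len, 0, NULL);
 out:
 kfree(buf);
 return error;
@@ -2133,12 +2133,14 @@ nfsd_set_posix_acl(struct svc_fh *fhp, i
 if (error)
 goto getout;
 if (size)
- error = vfs_setxattr(fhp->fh_dentry, mnt, name, value, size,0);
+ error = vfs_setxattr(fhp->fh_dentry, mnt, name, value, size, 0,
+ NULL);
 else {
 if (!S_ISDIR(inode->i_mode) && type == ACL_TYPE_DEFAULT)
 error = 0;
 else {
- error = vfs_removexattr(fhp->fh_dentry, mnt, name);
+ error = vfs_removexattr(fhp->fh_dentry, mnt, name,
+ NULL);
 if (error == -ENODATA)
 error = 0;
 }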
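Review bot: Every new trailing `NULL` in this file is an unexplained literal: both vfs_getxattr calls in nfsd_getxattr, the vfs_setxattr call in set_nfsv4_acl_one, and the vfs_setxattr and vfs_removexattr calls in nfsd_set_posix_acl. The extra parameter appears to be the struct file that lets an LSM tell descriptor-based from pathname-based access, so these server-side xattr and ACL operations will presumably always be mediated as pathname operations. I would say so once at the first call, e.g. `/* nfsd works from a file handle, not an open file: pass NULL so LSMs treat this as a path operation */`. The diffstat lists only fs/nfsd/vfs.c and fs/open.c and the description mentions only the setattr hooks, so the matching prototype change to the three xattr helpers is not in this patch; the dependency on the patch that adds the parameter is worth naming in the description. All three functions begin or end outside the hunks shown.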
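--- a/fs/open.c
+++ b/fs/open.c
@@ -623,7 +623,7 @@ SYSCALL_DEFINE2(fchmod, unsigned int, fd
 if (mode == (mode_t) -1)
 mode = inode->i_mode;
 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
- newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
+ newattrs.ia_valid = ATTR_MODE | ATTR_CTIME | ATTR_FILE;
 err = fnotify_change(dentry, file->f_path.mnt, &newattrs, file);
 mutex_unlock(&inode->i_mutex);
 mnt_drop_write(file->f_path.mnt);
@@ -686,6 +686,9 @@ static int chown_common(struct dentry *
 if (!S_ISDIR(inode->i_mode))
 newattrs.ia_valid |=
 ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV;
+ if (file)
+ newattrs.ia_valid |= ATTR_FILE;
+
 mutex_lock(&inode->i_mutex);
 error = fnotify_change(dentry, mnt, &newattrs, file);
 mutex_unlock(&inode->i_mutex);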
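Review bot: `ATTR_FILE` is added to `newattrs.ia_valid` in both fchmod and chown_common, but neither hunk shows `newattrs.ia_file` being assigned, and `newattrs` looks like a local struct iattr whose declaration is outside the hunks. Any setattr consumer (a filesystem or an LSM hook) that tests `ATTR_FILE` and then reads `ia_file` would pick up an uninitialised pointer, unless fnotify_change() fills the field in from its `file` argument, which is not visible here. If it does not, set the field next to the flag: `newattrs.ia_file = file;` after the `ia_valid` assignment in fchmod, and the same line inside the `if (file)` branch of chown_common (which then needs braces). Both function bodies start and end outside the hunks.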