Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
ee099009
Commit
ee099009
authored
Nov 26, 2002
by
Greg Kroah-Hartman
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
LSM: change if statements into something more readable for the fs/* files.
parent
2e1dab7d
Changes
13
Show whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
76 additions
and
38 deletions
+76
-38
fs/attr.c
fs/attr.c
+2
-1
fs/dquot.c
fs/dquot.c
+2
-1
fs/exec.c
fs/exec.c
+6
-3
fs/fcntl.c
fs/fcntl.c
+6
-3
fs/ioctl.c
fs/ioctl.c
+2
-1
fs/locks.c
fs/locks.c
+8
-4
fs/namei.c
fs/namei.c
+22
-11
fs/namespace.c
fs/namespace.c
+8
-4
fs/open.c
fs/open.c
+2
-1
fs/read_write.c
fs/read_write.c
+4
-2
fs/readdir.c
fs/readdir.c
+2
-1
fs/stat.c
fs/stat.c
+4
-2
fs/xattr.c
fs/xattr.c
+8
-4
No files found.
fs/attr.c
View file @
ee099009
...
@@ -157,7 +157,8 @@ int notify_change(struct dentry * dentry, struct iattr * attr)
...
@@ -157,7 +157,8 @@ int notify_change(struct dentry * dentry, struct iattr * attr)
return
0
;
return
0
;
if
(
inode
->
i_op
&&
inode
->
i_op
->
setattr
)
{
if
(
inode
->
i_op
&&
inode
->
i_op
->
setattr
)
{
if
(
!
(
error
=
security_inode_setattr
(
dentry
,
attr
)))
error
=
security_inode_setattr
(
dentry
,
attr
);
if
(
!
error
)
error
=
inode
->
i_op
->
setattr
(
dentry
,
attr
);
error
=
inode
->
i_op
->
setattr
(
dentry
,
attr
);
}
else
{
}
else
{
error
=
inode_change_ok
(
inode
,
attr
);
error
=
inode_change_ok
(
inode
,
attr
);
...
...
fs/dquot.c
View file @
ee099009
...
@@ -1307,7 +1307,8 @@ int vfs_quota_on(struct super_block *sb, int type, int format_id, char *path)
...
@@ -1307,7 +1307,8 @@ int vfs_quota_on(struct super_block *sb, int type, int format_id, char *path)
error
=
-
EIO
;
error
=
-
EIO
;
if
(
!
f
->
f_op
||
!
f
->
f_op
->
read
||
!
f
->
f_op
->
write
)
if
(
!
f
->
f_op
||
!
f
->
f_op
->
read
||
!
f
->
f_op
->
write
)
goto
out_f
;
goto
out_f
;
if
((
error
=
security_quota_on
(
f
)))
error
=
security_quota_on
(
f
);
if
(
error
)
goto
out_f
;
goto
out_f
;
inode
=
f
->
f_dentry
->
d_inode
;
inode
=
f
->
f_dentry
->
d_inode
;
error
=
-
EACCES
;
error
=
-
EACCES
;
...
...
fs/exec.c
View file @
ee099009
...
@@ -841,7 +841,8 @@ int prepare_binprm(struct linux_binprm *bprm)
...
@@ -841,7 +841,8 @@ int prepare_binprm(struct linux_binprm *bprm)
}
}
/* fill in binprm security blob */
/* fill in binprm security blob */
if
((
retval
=
security_bprm_set
(
bprm
)))
retval
=
security_bprm_set
(
bprm
);
if
(
retval
)
return
retval
;
return
retval
;
memset
(
bprm
->
buf
,
0
,
BINPRM_BUF_SIZE
);
memset
(
bprm
->
buf
,
0
,
BINPRM_BUF_SIZE
);
...
@@ -958,7 +959,8 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
...
@@ -958,7 +959,8 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
}
}
}
}
#endif
#endif
if
((
retval
=
security_bprm_check
(
bprm
)))
retval
=
security_bprm_check
(
bprm
);
if
(
retval
)
return
retval
;
return
retval
;
/* kernel module loader fixup */
/* kernel module loader fixup */
...
@@ -1054,7 +1056,8 @@ int do_execve(char * filename, char ** argv, char ** envp, struct pt_regs * regs
...
@@ -1054,7 +1056,8 @@ int do_execve(char * filename, char ** argv, char ** envp, struct pt_regs * regs
if
((
retval
=
bprm
.
envc
)
<
0
)
if
((
retval
=
bprm
.
envc
)
<
0
)
goto
out_mm
;
goto
out_mm
;
if
((
retval
=
security_bprm_alloc
(
&
bprm
)))
retval
=
security_bprm_alloc
(
&
bprm
);
if
(
retval
)
goto
out
;
goto
out
;
retval
=
prepare_binprm
(
&
bprm
);
retval
=
prepare_binprm
(
&
bprm
);
...
...
fs/fcntl.c
View file @
ee099009
...
@@ -274,7 +274,8 @@ int f_setown(struct file *filp, unsigned long arg, int force)
...
@@ -274,7 +274,8 @@ int f_setown(struct file *filp, unsigned long arg, int force)
{
{
int
err
;
int
err
;
if
((
err
=
security_file_set_fowner
(
filp
)))
err
=
security_file_set_fowner
(
filp
);
if
(
err
)
return
err
;
return
err
;
f_modown
(
filp
,
arg
,
current
->
uid
,
current
->
euid
,
force
);
f_modown
(
filp
,
arg
,
current
->
uid
,
current
->
euid
,
force
);
...
@@ -367,7 +368,8 @@ asmlinkage long sys_fcntl(unsigned int fd, unsigned int cmd, unsigned long arg)
...
@@ -367,7 +368,8 @@ asmlinkage long sys_fcntl(unsigned int fd, unsigned int cmd, unsigned long arg)
if
(
!
filp
)
if
(
!
filp
)
goto
out
;
goto
out
;
if
((
err
=
security_file_fcntl
(
filp
,
cmd
,
arg
)))
{
err
=
security_file_fcntl
(
filp
,
cmd
,
arg
);
if
(
err
)
{
fput
(
filp
);
fput
(
filp
);
return
err
;
return
err
;
}
}
...
@@ -390,7 +392,8 @@ asmlinkage long sys_fcntl64(unsigned int fd, unsigned int cmd, unsigned long arg
...
@@ -390,7 +392,8 @@ asmlinkage long sys_fcntl64(unsigned int fd, unsigned int cmd, unsigned long arg
if
(
!
filp
)
if
(
!
filp
)
goto
out
;
goto
out
;
if
((
err
=
security_file_fcntl
(
filp
,
cmd
,
arg
)))
{
err
=
security_file_fcntl
(
filp
,
cmd
,
arg
);
if
(
err
)
{
fput
(
filp
);
fput
(
filp
);
return
err
;
return
err
;
}
}
...
...
fs/ioctl.c
View file @
ee099009
...
@@ -59,7 +59,8 @@ asmlinkage long sys_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
...
@@ -59,7 +59,8 @@ asmlinkage long sys_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg)
goto
out
;
goto
out
;
error
=
0
;
error
=
0
;
if
((
error
=
security_file_ioctl
(
filp
,
cmd
,
arg
)))
{
error
=
security_file_ioctl
(
filp
,
cmd
,
arg
);
if
(
error
)
{
fput
(
filp
);
fput
(
filp
);
goto
out
;
goto
out
;
}
}
...
...
fs/locks.c
View file @
ee099009
...
@@ -1185,7 +1185,8 @@ int fcntl_setlease(unsigned int fd, struct file *filp, long arg)
...
@@ -1185,7 +1185,8 @@ int fcntl_setlease(unsigned int fd, struct file *filp, long arg)
return
-
EACCES
;
return
-
EACCES
;
if
(
!
S_ISREG
(
inode
->
i_mode
))
if
(
!
S_ISREG
(
inode
->
i_mode
))
return
-
EINVAL
;
return
-
EINVAL
;
if
((
error
=
security_file_lock
(
filp
,
arg
)))
error
=
security_file_lock
(
filp
,
arg
);
if
(
error
)
return
error
;
return
error
;
lock_kernel
();
lock_kernel
();
...
@@ -1298,7 +1299,8 @@ asmlinkage long sys_flock(unsigned int fd, unsigned int cmd)
...
@@ -1298,7 +1299,8 @@ asmlinkage long sys_flock(unsigned int fd, unsigned int cmd)
if
(
error
)
if
(
error
)
goto
out_putf
;
goto
out_putf
;
if
((
error
=
security_file_lock
(
filp
,
cmd
)))
error
=
security_file_lock
(
filp
,
cmd
);
if
(
error
)
goto
out_free
;
goto
out_free
;
for
(;;)
{
for
(;;)
{
...
@@ -1449,7 +1451,8 @@ int fcntl_setlk(struct file *filp, unsigned int cmd, struct flock *l)
...
@@ -1449,7 +1451,8 @@ int fcntl_setlk(struct file *filp, unsigned int cmd, struct flock *l)
goto
out
;
goto
out
;
}
}
if
((
error
=
security_file_lock
(
filp
,
file_lock
->
fl_type
)))
error
=
security_file_lock
(
filp
,
file_lock
->
fl_type
);
if
(
error
)
goto
out
;
goto
out
;
if
(
filp
->
f_op
&&
filp
->
f_op
->
lock
!=
NULL
)
{
if
(
filp
->
f_op
&&
filp
->
f_op
->
lock
!=
NULL
)
{
...
@@ -1588,7 +1591,8 @@ int fcntl_setlk64(struct file *filp, unsigned int cmd, struct flock64 *l)
...
@@ -1588,7 +1591,8 @@ int fcntl_setlk64(struct file *filp, unsigned int cmd, struct flock64 *l)
goto
out
;
goto
out
;
}
}
if
((
error
=
security_file_lock
(
filp
,
file_lock
->
fl_type
)))
error
=
security_file_lock
(
filp
,
file_lock
->
fl_type
);
if
(
error
)
goto
out
;
goto
out
;
if
(
filp
->
f_op
&&
filp
->
f_op
->
lock
!=
NULL
)
{
if
(
filp
->
f_op
&&
filp
->
f_op
->
lock
!=
NULL
)
{
...
...
fs/namei.c
View file @
ee099009
...
@@ -413,7 +413,8 @@ static inline int do_follow_link(struct dentry *dentry, struct nameidata *nd)
...
@@ -413,7 +413,8 @@ static inline int do_follow_link(struct dentry *dentry, struct nameidata *nd)
current
->
state
=
TASK_RUNNING
;
current
->
state
=
TASK_RUNNING
;
schedule
();
schedule
();
}
}
if
((
err
=
security_inode_follow_link
(
dentry
,
nd
)))
err
=
security_inode_follow_link
(
dentry
,
nd
);
if
(
err
)
goto
loop
;
goto
loop
;
current
->
link_count
++
;
current
->
link_count
++
;
current
->
total_link_count
++
;
current
->
total_link_count
++
;
...
@@ -1124,7 +1125,8 @@ int vfs_create(struct inode *dir, struct dentry *dentry, int mode)
...
@@ -1124,7 +1125,8 @@ int vfs_create(struct inode *dir, struct dentry *dentry, int mode)
return
-
EACCES
;
/* shouldn't it be ENOSYS? */
return
-
EACCES
;
/* shouldn't it be ENOSYS? */
mode
&=
S_IALLUGO
;
mode
&=
S_IALLUGO
;
mode
|=
S_IFREG
;
mode
|=
S_IFREG
;
if
((
error
=
security_inode_create
(
dir
,
dentry
,
mode
)))
error
=
security_inode_create
(
dir
,
dentry
,
mode
);
if
(
error
)
return
error
;
return
error
;
DQUOT_INIT
(
dir
);
DQUOT_INIT
(
dir
);
error
=
dir
->
i_op
->
create
(
dir
,
dentry
,
mode
);
error
=
dir
->
i_op
->
create
(
dir
,
dentry
,
mode
);
...
@@ -1343,7 +1345,8 @@ int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd)
...
@@ -1343,7 +1345,8 @@ int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd)
* stored in nd->last.name and we will have to putname() it when we
* stored in nd->last.name and we will have to putname() it when we
* are done. Procfs-like symlinks just set LAST_BIND.
* are done. Procfs-like symlinks just set LAST_BIND.
*/
*/
if
((
error
=
security_inode_follow_link
(
dentry
,
nd
)))
error
=
security_inode_follow_link
(
dentry
,
nd
);
if
(
error
)
goto
exit_dput
;
goto
exit_dput
;
UPDATE_ATIME
(
dentry
->
d_inode
);
UPDATE_ATIME
(
dentry
->
d_inode
);
error
=
dentry
->
d_inode
->
i_op
->
follow_link
(
dentry
,
nd
);
error
=
dentry
->
d_inode
->
i_op
->
follow_link
(
dentry
,
nd
);
...
@@ -1408,7 +1411,8 @@ int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
...
@@ -1408,7 +1411,8 @@ int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
if
(
!
dir
->
i_op
||
!
dir
->
i_op
->
mknod
)
if
(
!
dir
->
i_op
||
!
dir
->
i_op
->
mknod
)
return
-
EPERM
;
return
-
EPERM
;
if
((
error
=
security_inode_mknod
(
dir
,
dentry
,
mode
,
dev
)))
error
=
security_inode_mknod
(
dir
,
dentry
,
mode
,
dev
);
if
(
error
)
return
error
;
return
error
;
DQUOT_INIT
(
dir
);
DQUOT_INIT
(
dir
);
...
@@ -1476,7 +1480,8 @@ int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
...
@@ -1476,7 +1480,8 @@ int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
return
-
EPERM
;
return
-
EPERM
;
mode
&=
(
S_IRWXUGO
|
S_ISVTX
);
mode
&=
(
S_IRWXUGO
|
S_ISVTX
);
if
((
error
=
security_inode_mkdir
(
dir
,
dentry
,
mode
)))
error
=
security_inode_mkdir
(
dir
,
dentry
,
mode
);
if
(
error
)
return
error
;
return
error
;
DQUOT_INIT
(
dir
);
DQUOT_INIT
(
dir
);
...
@@ -1568,7 +1573,8 @@ int vfs_rmdir(struct inode *dir, struct dentry *dentry)
...
@@ -1568,7 +1573,8 @@ int vfs_rmdir(struct inode *dir, struct dentry *dentry)
if
(
d_mountpoint
(
dentry
))
if
(
d_mountpoint
(
dentry
))
error
=
-
EBUSY
;
error
=
-
EBUSY
;
else
{
else
{
if
(
!
(
error
=
security_inode_rmdir
(
dir
,
dentry
)))
{
error
=
security_inode_rmdir
(
dir
,
dentry
);
if
(
!
error
)
{
error
=
dir
->
i_op
->
rmdir
(
dir
,
dentry
);
error
=
dir
->
i_op
->
rmdir
(
dir
,
dentry
);
if
(
!
error
)
if
(
!
error
)
dentry
->
d_inode
->
i_flags
|=
S_DEAD
;
dentry
->
d_inode
->
i_flags
|=
S_DEAD
;
...
@@ -1641,7 +1647,8 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry)
...
@@ -1641,7 +1647,8 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry)
if
(
d_mountpoint
(
dentry
))
if
(
d_mountpoint
(
dentry
))
error
=
-
EBUSY
;
error
=
-
EBUSY
;
else
{
else
{
if
(
!
(
error
=
security_inode_unlink
(
dir
,
dentry
)))
error
=
security_inode_unlink
(
dir
,
dentry
);
if
(
error
)
error
=
dir
->
i_op
->
unlink
(
dir
,
dentry
);
error
=
dir
->
i_op
->
unlink
(
dir
,
dentry
);
}
}
up
(
&
dentry
->
d_inode
->
i_sem
);
up
(
&
dentry
->
d_inode
->
i_sem
);
...
@@ -1704,7 +1711,8 @@ int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname)
...
@@ -1704,7 +1711,8 @@ int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname)
if
(
!
dir
->
i_op
||
!
dir
->
i_op
->
symlink
)
if
(
!
dir
->
i_op
||
!
dir
->
i_op
->
symlink
)
return
-
EPERM
;
return
-
EPERM
;
if
((
error
=
security_inode_symlink
(
dir
,
dentry
,
oldname
)))
error
=
security_inode_symlink
(
dir
,
dentry
,
oldname
);
if
(
error
)
return
error
;
return
error
;
DQUOT_INIT
(
dir
);
DQUOT_INIT
(
dir
);
...
@@ -1774,7 +1782,8 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
...
@@ -1774,7 +1782,8 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
if
(
S_ISDIR
(
old_dentry
->
d_inode
->
i_mode
))
if
(
S_ISDIR
(
old_dentry
->
d_inode
->
i_mode
))
return
-
EPERM
;
return
-
EPERM
;
if
((
error
=
security_inode_link
(
old_dentry
,
dir
,
new_dentry
)))
error
=
security_inode_link
(
old_dentry
,
dir
,
new_dentry
);
if
(
error
)
return
error
;
return
error
;
down
(
&
old_dentry
->
d_inode
->
i_sem
);
down
(
&
old_dentry
->
d_inode
->
i_sem
);
...
@@ -1882,7 +1891,8 @@ int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry,
...
@@ -1882,7 +1891,8 @@ int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry,
return
error
;
return
error
;
}
}
if
((
error
=
security_inode_rename
(
old_dir
,
old_dentry
,
new_dir
,
new_dentry
)))
error
=
security_inode_rename
(
old_dir
,
old_dentry
,
new_dir
,
new_dentry
);
if
(
error
)
return
error
;
return
error
;
target
=
new_dentry
->
d_inode
;
target
=
new_dentry
->
d_inode
;
...
@@ -1916,7 +1926,8 @@ int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry,
...
@@ -1916,7 +1926,8 @@ int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry,
struct
inode
*
target
;
struct
inode
*
target
;
int
error
;
int
error
;
if
((
error
=
security_inode_rename
(
old_dir
,
old_dentry
,
new_dir
,
new_dentry
)))
error
=
security_inode_rename
(
old_dir
,
old_dentry
,
new_dir
,
new_dentry
);
if
(
error
)
return
error
;
return
error
;
dget
(
new_dentry
);
dget
(
new_dentry
);
...
...
fs/namespace.c
View file @
ee099009
...
@@ -289,7 +289,8 @@ static int do_umount(struct vfsmount *mnt, int flags)
...
@@ -289,7 +289,8 @@ static int do_umount(struct vfsmount *mnt, int flags)
struct
super_block
*
sb
=
mnt
->
mnt_sb
;
struct
super_block
*
sb
=
mnt
->
mnt_sb
;
int
retval
=
0
;
int
retval
=
0
;
if
((
retval
=
security_sb_umount
(
mnt
,
flags
)))
retval
=
security_sb_umount
(
mnt
,
flags
);
if
(
retval
)
return
retval
;
return
retval
;
/*
/*
...
@@ -470,7 +471,8 @@ static int graft_tree(struct vfsmount *mnt, struct nameidata *nd)
...
@@ -470,7 +471,8 @@ static int graft_tree(struct vfsmount *mnt, struct nameidata *nd)
if
(
IS_DEADDIR
(
nd
->
dentry
->
d_inode
))
if
(
IS_DEADDIR
(
nd
->
dentry
->
d_inode
))
goto
out_unlock
;
goto
out_unlock
;
if
((
err
=
security_sb_check_sb
(
mnt
,
nd
)))
err
=
security_sb_check_sb
(
mnt
,
nd
);
if
(
err
)
goto
out_unlock
;
goto
out_unlock
;
spin_lock
(
&
dcache_lock
);
spin_lock
(
&
dcache_lock
);
...
@@ -740,7 +742,8 @@ long do_mount(char * dev_name, char * dir_name, char *type_page,
...
@@ -740,7 +742,8 @@ long do_mount(char * dev_name, char * dir_name, char *type_page,
if
(
retval
)
if
(
retval
)
return
retval
;
return
retval
;
if
((
retval
=
security_sb_mount
(
dev_name
,
&
nd
,
type_page
,
flags
,
data_page
)))
retval
=
security_sb_mount
(
dev_name
,
&
nd
,
type_page
,
flags
,
data_page
);
if
(
retval
)
goto
dput_out
;
goto
dput_out
;
if
(
flags
&
MS_REMOUNT
)
if
(
flags
&
MS_REMOUNT
)
...
@@ -985,7 +988,8 @@ asmlinkage long sys_pivot_root(const char *new_root, const char *put_old)
...
@@ -985,7 +988,8 @@ asmlinkage long sys_pivot_root(const char *new_root, const char *put_old)
if
(
error
)
if
(
error
)
goto
out1
;
goto
out1
;
if
((
error
=
security_sb_pivotroot
(
&
old_nd
,
&
new_nd
)))
{
error
=
security_sb_pivotroot
(
&
old_nd
,
&
new_nd
);
if
(
error
)
{
path_release
(
&
old_nd
);
path_release
(
&
old_nd
);
goto
out1
;
goto
out1
;
}
}
...
...
fs/open.c
View file @
ee099009
...
@@ -31,7 +31,8 @@ int vfs_statfs(struct super_block *sb, struct statfs *buf)
...
@@ -31,7 +31,8 @@ int vfs_statfs(struct super_block *sb, struct statfs *buf)
retval
=
-
ENOSYS
;
retval
=
-
ENOSYS
;
if
(
sb
->
s_op
&&
sb
->
s_op
->
statfs
)
{
if
(
sb
->
s_op
&&
sb
->
s_op
->
statfs
)
{
memset
(
buf
,
0
,
sizeof
(
struct
statfs
));
memset
(
buf
,
0
,
sizeof
(
struct
statfs
));
if
((
retval
=
security_sb_statfs
(
sb
)))
retval
=
security_sb_statfs
(
sb
);
if
(
retval
)
return
retval
;
return
retval
;
retval
=
sb
->
s_op
->
statfs
(
sb
,
buf
);
retval
=
sb
->
s_op
->
statfs
(
sb
,
buf
);
}
}
...
...
fs/read_write.c
View file @
ee099009
...
@@ -193,7 +193,8 @@ ssize_t vfs_read(struct file *file, char *buf, size_t count, loff_t *pos)
...
@@ -193,7 +193,8 @@ ssize_t vfs_read(struct file *file, char *buf, size_t count, loff_t *pos)
ret
=
locks_verify_area
(
FLOCK_VERIFY_READ
,
inode
,
file
,
*
pos
,
count
);
ret
=
locks_verify_area
(
FLOCK_VERIFY_READ
,
inode
,
file
,
*
pos
,
count
);
if
(
!
ret
)
{
if
(
!
ret
)
{
if
(
!
(
ret
=
security_file_permission
(
file
,
MAY_READ
)))
{
ret
=
security_file_permission
(
file
,
MAY_READ
);
if
(
!
ret
)
{
if
(
file
->
f_op
->
read
)
if
(
file
->
f_op
->
read
)
ret
=
file
->
f_op
->
read
(
file
,
buf
,
count
,
pos
);
ret
=
file
->
f_op
->
read
(
file
,
buf
,
count
,
pos
);
else
else
...
@@ -232,7 +233,8 @@ ssize_t vfs_write(struct file *file, const char *buf, size_t count, loff_t *pos)
...
@@ -232,7 +233,8 @@ ssize_t vfs_write(struct file *file, const char *buf, size_t count, loff_t *pos)
ret
=
locks_verify_area
(
FLOCK_VERIFY_WRITE
,
inode
,
file
,
*
pos
,
count
);
ret
=
locks_verify_area
(
FLOCK_VERIFY_WRITE
,
inode
,
file
,
*
pos
,
count
);
if
(
!
ret
)
{
if
(
!
ret
)
{
if
(
!
(
ret
=
security_file_permission
(
file
,
MAY_WRITE
)))
{
ret
=
security_file_permission
(
file
,
MAY_WRITE
);
if
(
!
ret
)
{
if
(
file
->
f_op
->
write
)
if
(
file
->
f_op
->
write
)
ret
=
file
->
f_op
->
write
(
file
,
buf
,
count
,
pos
);
ret
=
file
->
f_op
->
write
(
file
,
buf
,
count
,
pos
);
else
else
...
...
fs/readdir.c
View file @
ee099009
...
@@ -22,7 +22,8 @@ int vfs_readdir(struct file *file, filldir_t filler, void *buf)
...
@@ -22,7 +22,8 @@ int vfs_readdir(struct file *file, filldir_t filler, void *buf)
if
(
!
file
->
f_op
||
!
file
->
f_op
->
readdir
)
if
(
!
file
->
f_op
||
!
file
->
f_op
->
readdir
)
goto
out
;
goto
out
;
if
((
res
=
security_file_permission
(
file
,
MAY_READ
)))
res
=
security_file_permission
(
file
,
MAY_READ
);
if
(
res
)
goto
out
;
goto
out
;
down
(
&
inode
->
i_sem
);
down
(
&
inode
->
i_sem
);
...
...
fs/stat.c
View file @
ee099009
...
@@ -38,7 +38,8 @@ int vfs_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat)
...
@@ -38,7 +38,8 @@ int vfs_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat)
struct
inode
*
inode
=
dentry
->
d_inode
;
struct
inode
*
inode
=
dentry
->
d_inode
;
int
retval
;
int
retval
;
if
((
retval
=
security_inode_getattr
(
mnt
,
dentry
)))
retval
=
security_inode_getattr
(
mnt
,
dentry
);
if
(
retval
)
return
retval
;
return
retval
;
if
(
inode
->
i_op
->
getattr
)
if
(
inode
->
i_op
->
getattr
)
...
@@ -241,7 +242,8 @@ asmlinkage long sys_readlink(const char * path, char * buf, int bufsiz)
...
@@ -241,7 +242,8 @@ asmlinkage long sys_readlink(const char * path, char * buf, int bufsiz)
error
=
-
EINVAL
;
error
=
-
EINVAL
;
if
(
inode
->
i_op
&&
inode
->
i_op
->
readlink
)
{
if
(
inode
->
i_op
&&
inode
->
i_op
->
readlink
)
{
if
(
!
(
error
=
security_inode_readlink
(
nd
.
dentry
)))
{
error
=
security_inode_readlink
(
nd
.
dentry
);
if
(
!
error
)
{
UPDATE_ATIME
(
inode
);
UPDATE_ATIME
(
inode
);
error
=
inode
->
i_op
->
readlink
(
nd
.
dentry
,
buf
,
bufsiz
);
error
=
inode
->
i_op
->
readlink
(
nd
.
dentry
,
buf
,
bufsiz
);
}
}
...
...
fs/xattr.c
View file @
ee099009
...
@@ -86,7 +86,8 @@ setxattr(struct dentry *d, char *name, void *value, size_t size, int flags)
...
@@ -86,7 +86,8 @@ setxattr(struct dentry *d, char *name, void *value, size_t size, int flags)
error
=
-
EOPNOTSUPP
;
error
=
-
EOPNOTSUPP
;
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
setxattr
)
{
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
setxattr
)
{
if
((
error
=
security_inode_setxattr
(
d
,
kname
,
kvalue
,
size
,
flags
)))
error
=
security_inode_setxattr
(
d
,
kname
,
kvalue
,
size
,
flags
);
if
(
error
)
goto
out
;
goto
out
;
down
(
&
d
->
d_inode
->
i_sem
);
down
(
&
d
->
d_inode
->
i_sem
);
error
=
d
->
d_inode
->
i_op
->
setxattr
(
d
,
kname
,
kvalue
,
size
,
flags
);
error
=
d
->
d_inode
->
i_op
->
setxattr
(
d
,
kname
,
kvalue
,
size
,
flags
);
...
@@ -162,7 +163,8 @@ getxattr(struct dentry *d, char *name, void *value, size_t size)
...
@@ -162,7 +163,8 @@ getxattr(struct dentry *d, char *name, void *value, size_t size)
error
=
-
EOPNOTSUPP
;
error
=
-
EOPNOTSUPP
;
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
getxattr
)
{
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
getxattr
)
{
if
((
error
=
security_inode_getxattr
(
d
,
kname
)))
error
=
security_inode_getxattr
(
d
,
kname
);
if
(
error
)
goto
out
;
goto
out
;
down
(
&
d
->
d_inode
->
i_sem
);
down
(
&
d
->
d_inode
->
i_sem
);
error
=
d
->
d_inode
->
i_op
->
getxattr
(
d
,
kname
,
kvalue
,
size
);
error
=
d
->
d_inode
->
i_op
->
getxattr
(
d
,
kname
,
kvalue
,
size
);
...
@@ -234,7 +236,8 @@ listxattr(struct dentry *d, char *list, size_t size)
...
@@ -234,7 +236,8 @@ listxattr(struct dentry *d, char *list, size_t size)
error
=
-
EOPNOTSUPP
;
error
=
-
EOPNOTSUPP
;
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
listxattr
)
{
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
listxattr
)
{
if
((
error
=
security_inode_listxattr
(
d
)))
error
=
security_inode_listxattr
(
d
);
if
(
error
)
goto
out
;
goto
out
;
down
(
&
d
->
d_inode
->
i_sem
);
down
(
&
d
->
d_inode
->
i_sem
);
error
=
d
->
d_inode
->
i_op
->
listxattr
(
d
,
klist
,
size
);
error
=
d
->
d_inode
->
i_op
->
listxattr
(
d
,
klist
,
size
);
...
@@ -308,7 +311,8 @@ removexattr(struct dentry *d, char *name)
...
@@ -308,7 +311,8 @@ removexattr(struct dentry *d, char *name)
error
=
-
EOPNOTSUPP
;
error
=
-
EOPNOTSUPP
;
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
removexattr
)
{
if
(
d
->
d_inode
->
i_op
&&
d
->
d_inode
->
i_op
->
removexattr
)
{
if
((
error
=
security_inode_removexattr
(
d
,
kname
)))
error
=
security_inode_removexattr
(
d
,
kname
);
if
(
error
)
goto
out
;
goto
out
;
down
(
&
d
->
d_inode
->
i_sem
);
down
(
&
d
->
d_inode
->
i_sem
);
error
=
d
->
d_inode
->
i_op
->
removexattr
(
d
,
kname
);
error
=
d
->
d_inode
->
i_op
->
removexattr
(
d
,
kname
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment