summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2015-03-23 13:37:39 +1100
committerAl Viro <viro@zeniv.linux.org.uk>2015-05-10 22:18:29 -0400
commit37882db0546c759ff75b561c188539ac96fd0bfe (patch)
tree2bf5152d8ee7963d5d46d9fe25c1cb3c10be29c6
parentb4272646293b46fb8c7bc9b5176eb94d8141a278 (diff)
downloadlinux-stable-37882db0546c759ff75b561c188539ac96fd0bfe.tar.gz
linux-stable-37882db0546c759ff75b561c188539ac96fd0bfe.tar.bz2
linux-stable-37882db0546c759ff75b561c188539ac96fd0bfe.zip
SECURITY: remove nameidata arg from inode_follow_link.
No ->inode_follow_link() methods use the nameidata arg, and it is about to become private to namei.c. So remove from all inode_follow_link() functions. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/namei.c2
-rw-r--r--include/linux/security.h9
-rw-r--r--security/capability.c3
-rw-r--r--security/security.c4
-rw-r--r--security/selinux/hooks.c2
5 files changed, 8 insertions, 12 deletions
diff --git a/fs/namei.c b/fs/namei.c
index fe30d3be43a8..7f20b40426dc 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -871,7 +871,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p)
touch_atime(link);
nd_set_link(nd, NULL);
- error = security_inode_follow_link(link->dentry, nd);
+ error = security_inode_follow_link(dentry);
if (error)
goto out_put_nd_path;
diff --git a/include/linux/security.h b/include/linux/security.h
index 18264ea9e314..62a66202ecf1 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -43,7 +43,6 @@ struct file;
struct vfsmount;
struct path;
struct qstr;
-struct nameidata;
struct iattr;
struct fown_struct;
struct file_operations;
@@ -477,7 +476,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
* @inode_follow_link:
* Check permission to follow a symbolic link when looking up a pathname.
* @dentry contains the dentry structure for the link.
- * @nd contains the nameidata structure for the parent directory.
* Return 0 if permission is granted.
* @inode_permission:
* Check permission before accessing an inode. This hook is called by the
@@ -1553,7 +1551,7 @@ struct security_operations {
int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
struct inode *new_dir, struct dentry *new_dentry);
int (*inode_readlink) (struct dentry *dentry);
- int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
+ int (*inode_follow_link) (struct dentry *dentry);
int (*inode_permission) (struct inode *inode, int mask);
int (*inode_setattr) (struct dentry *dentry, struct iattr *attr);
int (*inode_getattr) (const struct path *path);
@@ -1839,7 +1837,7 @@ int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
struct inode *new_dir, struct dentry *new_dentry,
unsigned int flags);
int security_inode_readlink(struct dentry *dentry);
-int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
+int security_inode_follow_link(struct dentry *dentry);
int security_inode_permission(struct inode *inode, int mask);
int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
int security_inode_getattr(const struct path *path);
@@ -2241,8 +2239,7 @@ static inline int security_inode_readlink(struct dentry *dentry)
return 0;
}
-static inline int security_inode_follow_link(struct dentry *dentry,
- struct nameidata *nd)
+static inline int security_inode_follow_link(struct dentry *dentry)
{
return 0;
}
diff --git a/security/capability.c b/security/capability.c
index 0d03fcc489a4..fae99db180ca 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -209,8 +209,7 @@ static int cap_inode_readlink(struct dentry *dentry)
return 0;
}
-static int cap_inode_follow_link(struct dentry *dentry,
- struct nameidata *nameidata)
+static int cap_inode_follow_link(struct dentry *dentry)
{
return 0;
}
diff --git a/security/security.c b/security/security.c
index 8e9b1f4b9b45..d7c30b03e144 100644
--- a/security/security.c
+++ b/security/security.c
@@ -581,11 +581,11 @@ int security_inode_readlink(struct dentry *dentry)
return security_ops->inode_readlink(dentry);
}
-int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
+int security_inode_follow_link(struct dentry *dentry)
{
if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
return 0;
- return security_ops->inode_follow_link(dentry, nd);
+ return security_ops->inode_follow_link(dentry);
}
int security_inode_permission(struct inode *inode, int mask)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7dade28affba..801622947282 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2861,7 +2861,7 @@ static int selinux_inode_readlink(struct dentry *dentry)
return dentry_has_perm(cred, dentry, FILE__READ);
}
-static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *nameidata)
+static int selinux_inode_follow_link(struct dentry *dentry)
{
const struct cred *cred = current_cred();