před 18 roky · 3d5ff529ea
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1120,8 +1120,8 @@ static int file_has_perm(struct task_struct *tsk,
 
				 {
			
 
				 	struct task_security_struct *tsec = tsk->security;
			
 
				 	struct file_security_struct *fsec = file->f_security;
			
 
				-	struct vfsmount *mnt = file->f_vfsmnt;
			
 
				-	struct dentry *dentry = file->f_dentry;
			
 
				+	struct vfsmount *mnt = file->f_path.mnt;
			
 
				+	struct dentry *dentry = file->f_path.dentry;
			
 
				 	struct inode *inode = dentry->d_inode;
			
 
				 	struct avc_audit_data ad;
			
 
				 	int rc;
			
@@ -1581,7 +1581,7 @@ static int selinux_bprm_alloc_security(struct linux_binprm *bprm)
 
				 static int selinux_bprm_set_security(struct linux_binprm *bprm)
			
 
				 {
			
 
				 	struct task_security_struct *tsec;
			
 
				-	struct inode *inode = bprm->file->f_dentry->d_inode;
			
 
				+	struct inode *inode = bprm->file->f_path.dentry->d_inode;
			
 
				 	struct inode_security_struct *isec;
			
 
				 	struct bprm_security_struct *bsec;
			
 
				 	u32 newsid;
			
@@ -1621,10 +1621,10 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm)
 
				 	}
			
 
				 
			
 
				 	AVC_AUDIT_DATA_INIT(&ad, FS);
			
 
				-	ad.u.fs.mnt = bprm->file->f_vfsmnt;
			
 
				-	ad.u.fs.dentry = bprm->file->f_dentry;
			
 
				+	ad.u.fs.mnt = bprm->file->f_path.mnt;
			
 
				+	ad.u.fs.dentry = bprm->file->f_path.dentry;
			
 
				 
			
 
				-	if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID)
			
 
				+	if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
			
 
				 		newsid = tsec->sid;
			
 
				 
			
 
				         if (tsec->sid == newsid) {
			
@@ -1708,7 +1708,7 @@ static inline void flush_unauthorized_files(struct files_struct * files)
 
				 			   than using file_has_perm, as this particular open
			
 
				 			   file may belong to another process and we are only
			
 
				 			   interested in the inode-based check here. */
			
 
				-			struct inode *inode = file->f_dentry->d_inode;
			
 
				+			struct inode *inode = file->f_path.dentry->d_inode;
			
 
				 			if (inode_has_perm(current, inode,
			
 
				 					   FILE__READ | FILE__WRITE, NULL)) {
			
 
				 				drop_tty = 1;
			
@@ -2420,7 +2420,7 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t
 
				 static int selinux_file_permission(struct file *file, int mask)
			
 
				 {
			
 
				 	int rc;
			
 
				-	struct inode *inode = file->f_dentry->d_inode;
			
 
				+	struct inode *inode = file->f_path.dentry->d_inode;
			
 
				 
			
 
				 	if (!mask) {
			
 
				 		/* No permission to check.  Existence test. */
			
@@ -2597,7 +2597,7 @@ static int selinux_file_fcntl(struct file *file, unsigned int cmd,
 
				 
			
 
				 	switch (cmd) {
			
 
				 	        case F_SETFL:
			
 
				-			if (!file->f_dentry || !file->f_dentry->d_inode) {
			
 
				+			if (!file->f_path.dentry || !file->f_path.dentry->d_inode) {
			
 
				 				err = -EINVAL;
			
 
				 				break;
			
 
				 			}
			
@@ -2623,7 +2623,7 @@ static int selinux_file_fcntl(struct file *file, unsigned int cmd,
 
				 		case F_SETLK64:
			
 
				 	        case F_SETLKW64:
			
 
				 #endif
			
 
				-			if (!file->f_dentry || !file->f_dentry->d_inode) {
			
 
				+			if (!file->f_path.dentry || !file->f_path.dentry->d_inode) {
			
 
				 				err = -EINVAL;
			
 
				 				break;
			
 
				 			}
			
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -448,7 +448,7 @@ static ssize_t (*write_op[])(struct file *, char *, size_t) = {
 
				 
			
 
				 static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos)
			
 
				 {
			
 
				-	ino_t ino =  file->f_dentry->d_inode->i_ino;
			
 
				+	ino_t ino =  file->f_path.dentry->d_inode->i_ino;
			
 
				 	char *data;
			
 
				 	ssize_t rv;
			
 
				 
			
@@ -805,7 +805,7 @@ static ssize_t sel_read_bool(struct file *filep, char __user *buf,
 
				 		goto out;
			
 
				 	}
			
 
				 
			
 
				-	inode = filep->f_dentry->d_inode;
			
 
				+	inode = filep->f_path.dentry->d_inode;
			
 
				 	cur_enforcing = security_get_bool_value(inode->i_ino - BOOL_INO_OFFSET);
			
 
				 	if (cur_enforcing < 0) {
			
 
				 		ret = cur_enforcing;
			
@@ -864,7 +864,7 @@ static ssize_t sel_write_bool(struct file *filep, const char __user *buf,
 
				 	if (new_value)
			
 
				 		new_value = 1;
			
 
				 
			
 
				-	inode = filep->f_dentry->d_inode;
			
 
				+	inode = filep->f_path.dentry->d_inode;
			
 
				 	bool_pending_values[inode->i_ino - BOOL_INO_OFFSET] = new_value;
			
 
				 	length = count;
			
 
				 
			
@@ -965,7 +965,7 @@ static void sel_remove_bools(struct dentry *de)
 
				 	file_list_lock();
			
 
				 	list_for_each(p, &sb->s_files) {
			
 
				 		struct file * filp = list_entry(p, struct file, f_u.fu_list);
			
 
				-		struct dentry * dentry = filp->f_dentry;
			
 
				+		struct dentry * dentry = filp->f_path.dentry;
			
 
				 
			
 
				 		if (dentry->d_parent != de) {
			
 
				 			continue;