diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-20 19:38:15 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 01:43:26 -0400 |
commit | e74f71eb78a4a8b9eaf1bc65f20f761648e85f76 (patch) | |
tree | 7bc7fc1344f5ed6e3ce8132b36125ef5cec6407c /security/selinux | |
parent | 10556cb21a0d0b24d95f00ea6df16f599a3345b2 (diff) | |
download | linux-e74f71eb78a4a8b9eaf1bc65f20f761648e85f76.tar.bz2 |
->permission() sanitizing: don't pass flags to ->inode_permission()
pass that via mask instead.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 20219ef5439a..47a059fff344 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2659,12 +2659,13 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *na return dentry_has_perm(cred, dentry, FILE__READ); } -static int selinux_inode_permission(struct inode *inode, int mask, unsigned flags) +static int selinux_inode_permission(struct inode *inode, int mask) { const struct cred *cred = current_cred(); struct common_audit_data ad; u32 perms; bool from_access; + unsigned __flags = mask & MAY_NOT_BLOCK ? IPERM_FLAG_RCU : 0; from_access = mask & MAY_ACCESS; mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); @@ -2681,7 +2682,7 @@ static int selinux_inode_permission(struct inode *inode, int mask, unsigned flag perms = file_mask_to_av(inode->i_mode, mask); - return inode_has_perm(cred, inode, perms, &ad, flags); + return inode_has_perm(cred, inode, perms, &ad, __flags); } static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr) |