|
@@ -1808,13 +1808,13 @@ out:
|
|
|
/*
|
|
/*
|
|
|
* Determine the label for an inode that might be unioned.
|
|
* Determine the label for an inode that might be unioned.
|
|
|
*/
|
|
*/
|
|
|
-static int selinux_determine_inode_label(struct inode *dir,
|
|
|
|
|
- const struct qstr *name,
|
|
|
|
|
- u16 tclass,
|
|
|
|
|
- u32 *_new_isid)
|
|
|
|
|
|
|
+static int
|
|
|
|
|
+selinux_determine_inode_label(const struct task_security_struct *tsec,
|
|
|
|
|
+ struct inode *dir,
|
|
|
|
|
+ const struct qstr *name, u16 tclass,
|
|
|
|
|
+ u32 *_new_isid)
|
|
|
{
|
|
{
|
|
|
const struct superblock_security_struct *sbsec = dir->i_sb->s_security;
|
|
const struct superblock_security_struct *sbsec = dir->i_sb->s_security;
|
|
|
- const struct task_security_struct *tsec = current_security();
|
|
|
|
|
|
|
|
|
|
if ((sbsec->flags & SE_SBINITIALIZED) &&
|
|
if ((sbsec->flags & SE_SBINITIALIZED) &&
|
|
|
(sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) {
|
|
(sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) {
|
|
@@ -1857,8 +1857,8 @@ static int may_create(struct inode *dir,
|
|
|
if (rc)
|
|
if (rc)
|
|
|
return rc;
|
|
return rc;
|
|
|
|
|
|
|
|
- rc = selinux_determine_inode_label(dir, &dentry->d_name, tclass,
|
|
|
|
|
- &newsid);
|
|
|
|
|
|
|
+ rc = selinux_determine_inode_label(current_security(), dir,
|
|
|
|
|
+ &dentry->d_name, tclass, &newsid);
|
|
|
if (rc)
|
|
if (rc)
|
|
|
return rc;
|
|
return rc;
|
|
|
|
|
|
|
@@ -2838,7 +2838,8 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode,
|
|
|
u32 newsid;
|
|
u32 newsid;
|
|
|
int rc;
|
|
int rc;
|
|
|
|
|
|
|
|
- rc = selinux_determine_inode_label(d_inode(dentry->d_parent), name,
|
|
|
|
|
|
|
+ rc = selinux_determine_inode_label(current_security(),
|
|
|
|
|
+ d_inode(dentry->d_parent), name,
|
|
|
inode_mode_to_security_class(mode),
|
|
inode_mode_to_security_class(mode),
|
|
|
&newsid);
|
|
&newsid);
|
|
|
if (rc)
|
|
if (rc)
|
|
@@ -2863,7 +2864,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
|
|
|
sid = tsec->sid;
|
|
sid = tsec->sid;
|
|
|
newsid = tsec->create_sid;
|
|
newsid = tsec->create_sid;
|
|
|
|
|
|
|
|
- rc = selinux_determine_inode_label(
|
|
|
|
|
|
|
+ rc = selinux_determine_inode_label(current_security(),
|
|
|
dir, qstr,
|
|
dir, qstr,
|
|
|
inode_mode_to_security_class(inode->i_mode),
|
|
inode_mode_to_security_class(inode->i_mode),
|
|
|
&newsid);
|
|
&newsid);
|
Vivek Goyal