ipc: Directly call the security hook in ipc_ops.associate
After the last round of cleanups the shm, sem, and msg associate operations just became trivial wrappers around the appropriate security method. Simplify things further by just calling the security method directly. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
This commit is contained in:
parent
51d6f2635b
commit
50ab44b1c5
10
ipc/msg.c
10
ipc/msg.c
|
@ -272,20 +272,12 @@ static void freeque(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp)
|
||||||
ipc_rcu_putref(&msq->q_perm, msg_rcu_free);
|
ipc_rcu_putref(&msq->q_perm, msg_rcu_free);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Called with msg_ids.rwsem and ipcp locked.
|
|
||||||
*/
|
|
||||||
static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg)
|
|
||||||
{
|
|
||||||
return security_msg_queue_associate(ipcp, msgflg);
|
|
||||||
}
|
|
||||||
|
|
||||||
SYSCALL_DEFINE2(msgget, key_t, key, int, msgflg)
|
SYSCALL_DEFINE2(msgget, key_t, key, int, msgflg)
|
||||||
{
|
{
|
||||||
struct ipc_namespace *ns;
|
struct ipc_namespace *ns;
|
||||||
static const struct ipc_ops msg_ops = {
|
static const struct ipc_ops msg_ops = {
|
||||||
.getnew = newque,
|
.getnew = newque,
|
||||||
.associate = msg_security,
|
.associate = security_msg_queue_associate,
|
||||||
};
|
};
|
||||||
struct ipc_params msg_params;
|
struct ipc_params msg_params;
|
||||||
|
|
||||||
|
|
10
ipc/sem.c
10
ipc/sem.c
|
@ -564,14 +564,6 @@ static int newary(struct ipc_namespace *ns, struct ipc_params *params)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Called with sem_ids.rwsem and ipcp locked.
|
|
||||||
*/
|
|
||||||
static inline int sem_security(struct kern_ipc_perm *ipcp, int semflg)
|
|
||||||
{
|
|
||||||
return security_sem_associate(ipcp, semflg);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Called with sem_ids.rwsem and ipcp locked.
|
* Called with sem_ids.rwsem and ipcp locked.
|
||||||
*/
|
*/
|
||||||
|
@ -592,7 +584,7 @@ SYSCALL_DEFINE3(semget, key_t, key, int, nsems, int, semflg)
|
||||||
struct ipc_namespace *ns;
|
struct ipc_namespace *ns;
|
||||||
static const struct ipc_ops sem_ops = {
|
static const struct ipc_ops sem_ops = {
|
||||||
.getnew = newary,
|
.getnew = newary,
|
||||||
.associate = sem_security,
|
.associate = security_sem_associate,
|
||||||
.more_checks = sem_more_checks,
|
.more_checks = sem_more_checks,
|
||||||
};
|
};
|
||||||
struct ipc_params sem_params;
|
struct ipc_params sem_params;
|
||||||
|
|
10
ipc/shm.c
10
ipc/shm.c
|
@ -656,14 +656,6 @@ no_file:
|
||||||
return error;
|
return error;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Called with shm_ids.rwsem and ipcp locked.
|
|
||||||
*/
|
|
||||||
static inline int shm_security(struct kern_ipc_perm *ipcp, int shmflg)
|
|
||||||
{
|
|
||||||
return security_shm_associate(ipcp, shmflg);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Called with shm_ids.rwsem and ipcp locked.
|
* Called with shm_ids.rwsem and ipcp locked.
|
||||||
*/
|
*/
|
||||||
|
@ -684,7 +676,7 @@ SYSCALL_DEFINE3(shmget, key_t, key, size_t, size, int, shmflg)
|
||||||
struct ipc_namespace *ns;
|
struct ipc_namespace *ns;
|
||||||
static const struct ipc_ops shm_ops = {
|
static const struct ipc_ops shm_ops = {
|
||||||
.getnew = newseg,
|
.getnew = newseg,
|
||||||
.associate = shm_security,
|
.associate = security_shm_associate,
|
||||||
.more_checks = shm_more_checks,
|
.more_checks = shm_more_checks,
|
||||||
};
|
};
|
||||||
struct ipc_params shm_params;
|
struct ipc_params shm_params;
|
||||||
|
|
Loading…
Reference in New Issue