selinux: Pass security pointer to determine_inode_label()
Right now selinux_determine_inode_label() works on security pointer of current task. Soon I need this to work on a security pointer retrieved from a set of creds. So start passing in a pointer and caller can decide where to fetch security pointer from. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
19472b69d6
commit
c957f6df52
|
@ -1808,13 +1808,13 @@ out:
|
|||
/*
|
||||
* Determine the label for an inode that might be unioned.
|
||||
*/
|
||||
static int selinux_determine_inode_label(struct inode *dir,
|
||||
const struct qstr *name,
|
||||
u16 tclass,
|
||||
u32 *_new_isid)
|
||||
static int
|
||||
selinux_determine_inode_label(const struct task_security_struct *tsec,
|
||||
struct inode *dir,
|
||||
const struct qstr *name, u16 tclass,
|
||||
u32 *_new_isid)
|
||||
{
|
||||
const struct superblock_security_struct *sbsec = dir->i_sb->s_security;
|
||||
const struct task_security_struct *tsec = current_security();
|
||||
|
||||
if ((sbsec->flags & SE_SBINITIALIZED) &&
|
||||
(sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) {
|
||||
|
@ -1857,8 +1857,8 @@ static int may_create(struct inode *dir,
|
|||
if (rc)
|
||||
return rc;
|
||||
|
||||
rc = selinux_determine_inode_label(dir, &dentry->d_name, tclass,
|
||||
&newsid);
|
||||
rc = selinux_determine_inode_label(current_security(), dir,
|
||||
&dentry->d_name, tclass, &newsid);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
|
@ -2838,7 +2838,8 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode,
|
|||
u32 newsid;
|
||||
int rc;
|
||||
|
||||
rc = selinux_determine_inode_label(d_inode(dentry->d_parent), name,
|
||||
rc = selinux_determine_inode_label(current_security(),
|
||||
d_inode(dentry->d_parent), name,
|
||||
inode_mode_to_security_class(mode),
|
||||
&newsid);
|
||||
if (rc)
|
||||
|
@ -2863,7 +2864,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
|
|||
sid = tsec->sid;
|
||||
newsid = tsec->create_sid;
|
||||
|
||||
rc = selinux_determine_inode_label(
|
||||
rc = selinux_determine_inode_label(current_security(),
|
||||
dir, qstr,
|
||||
inode_mode_to_security_class(inode->i_mode),
|
||||
&newsid);
|
||||
|
|
Loading…
Reference in New Issue