This is needed for computing pathnames in the AppArmor LSM.

Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>

---
 fs/xattr.c               |    2 +-
 include/linux/security.h |   13 ++++++++-----
 security/dummy.c         |    3 ++-
 security/selinux/hooks.c |    3 ++-
 4 files changed, 13 insertions(+), 8 deletions(-)

--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -116,7 +116,7 @@ vfs_getxattr(struct dentry *dentry, stru
        if (error)
                return error;
 
-       error = security_inode_getxattr(dentry, name);
+       error = security_inode_getxattr(dentry, mnt, name);
        if (error)
                return error;
 
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -391,7 +391,7 @@ struct request_sock;
  *     @value identified by @name for @dentry and @mnt.
  * @inode_getxattr:
  *     Check permission before obtaining the extended attributes
- *     identified by @name for @dentry.
+ *     identified by @name for @dentry and @mnt.
  *     Return 0 if permission is granted.
  * @inode_listxattr:
  *     Check permission before obtaining the list of extended attribute 
@@ -1248,7 +1248,8 @@ struct security_operations {
                                     struct vfsmount *mnt,
                                     char *name, void *value,
                                     size_t size, int flags);
-       int (*inode_getxattr) (struct dentry *dentry, char *name);
+       int (*inode_getxattr) (struct dentry *dentry, struct vfsmount *mnt,
+                              char *name);
        int (*inode_listxattr) (struct dentry *dentry);
        int (*inode_removexattr) (struct dentry *dentry, char *name);
        const char *(*inode_xattr_getsuffix) (void);
@@ -1782,11 +1783,12 @@ static inline void security_inode_post_s
        security_ops->inode_post_setxattr (dentry, mnt, name, value, size, 
flags);
 }
 
-static inline int security_inode_getxattr (struct dentry *dentry, char *name)
+static inline int security_inode_getxattr (struct dentry *dentry,
+                                           struct vfsmount *mnt, char *name)
 {
        if (unlikely (IS_PRIVATE (dentry->d_inode)))
                return 0;
-       return security_ops->inode_getxattr (dentry, name);
+       return security_ops->inode_getxattr (dentry, mnt, name);
 }
 
 static inline int security_inode_listxattr (struct dentry *dentry)
@@ -2487,7 +2489,8 @@ static inline void security_inode_post_s
                                                 int flags)
 { }
 
-static inline int security_inode_getxattr (struct dentry *dentry, char *name)
+static inline int security_inode_getxattr (struct dentry *dentry,
+                                           struct vfsmount *mnt, char *name)
 {
        return 0;
 }
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -368,7 +368,8 @@ static void dummy_inode_post_setxattr (s
 {
 }
 
-static int dummy_inode_getxattr (struct dentry *dentry, char *name)
+static int dummy_inode_getxattr (struct dentry *dentry,
+                                 struct vfsmount *mnt, char *name)
 {
        return 0;
 }
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2393,7 +2393,8 @@ static void selinux_inode_post_setxattr(
        return;
 }
 
-static int selinux_inode_getxattr (struct dentry *dentry, char *name)
+static int selinux_inode_getxattr (struct dentry *dentry, struct vfsmount *mnt,
+                                  char *name)
 {
        return dentry_has_perm(current, NULL, dentry, FILE__GETATTR);
 }

-- 
-
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to