From b77b0646ef4efe31a7449bb3d9360fd00f95433d Mon Sep 17 00:00:00 2001 From: Al Viro Date: Thu, 17 Jul 2008 09:37:02 -0400 Subject: [PATCH] pass MAY_OPEN to vfs_permission() explicitly ... and get rid of the last "let's deduce mask from nameidata->flags" bit. Signed-off-by: Al Viro --- security/security.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'security/security.c') diff --git a/security/security.c b/security/security.c index 59f23b5918b..78ed3ffde24 100644 --- a/security/security.c +++ b/security/security.c @@ -429,11 +429,11 @@ int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd) return security_ops->inode_follow_link(dentry, nd); } -int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd) +int security_inode_permission(struct inode *inode, int mask) { if (unlikely(IS_PRIVATE(inode))) return 0; - return security_ops->inode_permission(inode, mask, nd); + return security_ops->inode_permission(inode, mask); } int security_inode_setattr(struct dentry *dentry, struct iattr *attr) -- cgit v1.2.3 From b1da47e29e467f1ec36dc78d009bfb109fd533c7 Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Tue, 1 Jul 2008 15:01:28 +0200 Subject: [patch 3/4] fat: dont call notify_change The FAT_IOCTL_SET_ATTRIBUTES ioctl() calls notify_change() to change the file mode before changing the inode attributes. Replace with explicit calls to security_inode_setattr(), fat_setattr() and fsnotify_change(). This is equivalent to the original. The reason it is needed, is that later in the series we move the immutable check into notify_change(). That would break the FAT_IOCTL_SET_ATTRIBUTES ioctl, as it needs to perform the mode change regardless of the immutability of the file. [Fix error if fat is built as a module. Thanks to OGAWA Hirofumi for noticing.] Signed-off-by: Miklos Szeredi Acked-by: OGAWA Hirofumi Signed-off-by: Al Viro --- security/security.c | 1 + 1 file changed, 1 insertion(+) (limited to 'security/security.c') diff --git a/security/security.c b/security/security.c index 78ed3ffde24..ff706872775 100644 --- a/security/security.c +++ b/security/security.c @@ -442,6 +442,7 @@ int security_inode_setattr(struct dentry *dentry, struct iattr *attr) return 0; return security_ops->inode_setattr(dentry, attr); } +EXPORT_SYMBOL_GPL(security_inode_setattr); int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) { -- cgit v1.2.3