1
Pass struct vfsmount to the inode_mknod LSM hook
3
Signed-off-by: Tony Jones <tonyj@suse.de>
4
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
7
===================================================================
10
@@ -1851,7 +1851,7 @@ int vfs_mknod(struct inode *dir, struct
11
if (!dir->i_op || !dir->i_op->mknod)
14
- error = security_inode_mknod(dir, dentry, mode, dev);
15
+ error = security_inode_mknod(dir, dentry, mnt, mode, dev);
19
Index: b/include/linux/security.h
20
===================================================================
21
--- a/include/linux/security.h
22
+++ b/include/linux/security.h
23
@@ -323,6 +323,7 @@ struct request_sock;
25
* @dir contains the inode structure of parent of the new file.
26
* @dentry contains the dentry structure of the new file.
27
+ * @mnt is the vfsmount corresponding to @dentry (may be NULL).
28
* @mode contains the mode of the new file.
29
* @dev contains the the device number.
30
* Return 0 if permission is granted.
31
@@ -1218,7 +1219,7 @@ struct security_operations {
32
struct vfsmount *mnt, int mode);
33
int (*inode_rmdir) (struct inode *dir, struct dentry *dentry);
34
int (*inode_mknod) (struct inode *dir, struct dentry *dentry,
35
- int mode, dev_t dev);
36
+ struct vfsmount *mnt, int mode, dev_t dev);
37
int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
38
struct inode *new_dir, struct dentry *new_dentry);
39
int (*inode_readlink) (struct dentry *dentry);
40
@@ -1670,11 +1671,12 @@ static inline int security_inode_rmdir (
42
static inline int security_inode_mknod (struct inode *dir,
43
struct dentry *dentry,
44
+ struct vfsmount *mnt,
47
if (unlikely (IS_PRIVATE (dir)))
49
- return security_ops->inode_mknod (dir, dentry, mode, dev);
50
+ return security_ops->inode_mknod (dir, dentry, mnt, mode, dev);
53
static inline int security_inode_rename (struct inode *old_dir,
54
@@ -2388,6 +2390,7 @@ static inline int security_inode_rmdir (
56
static inline int security_inode_mknod (struct inode *dir,
57
struct dentry *dentry,
58
+ struct vfsmount *mnt,
62
Index: b/security/dummy.c
63
===================================================================
64
--- a/security/dummy.c
65
+++ b/security/dummy.c
66
@@ -299,7 +299,7 @@ static int dummy_inode_rmdir (struct ino
69
static int dummy_inode_mknod (struct inode *inode, struct dentry *dentry,
70
- int mode, dev_t dev)
71
+ struct vfsmount *mnt, int mode, dev_t dev)
75
Index: b/security/selinux/hooks.c
76
===================================================================
77
--- a/security/selinux/hooks.c
78
+++ b/security/selinux/hooks.c
79
@@ -2220,11 +2220,12 @@ static int selinux_inode_rmdir(struct in
80
return may_link(dir, dentry, MAY_RMDIR);
83
-static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
84
+static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry,
85
+ struct vfsmount *mnt, int mode, dev_t dev)
89
- rc = secondary_ops->inode_mknod(dir, dentry, mode, dev);
90
+ rc = secondary_ops->inode_mknod(dir, dentry, mnt, mode, dev);