summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2015-03-23 03:37:39 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2015-05-11 14:13:11 +0200
commitbda0be7ad994812960e9f8f2d2757f72cb4a96cb (patch)
treef769e7c4511b64432438f82a8426248e75a8ad7b /fs
parentsecurity/selinux: pass 'flags' arg to avc_audit() and avc_has_perm_flags() (diff)
downloadlinux-bda0be7ad994812960e9f8f2d2757f72cb4a96cb.tar.xz
linux-bda0be7ad994812960e9f8f2d2757f72cb4a96cb.zip
security: make inode_follow_link RCU-walk aware
inode_follow_link now takes an inode and rcu flag as well as the dentry. inode is used in preference to d_backing_inode(dentry), particularly in RCU-walk mode. selinux_inode_follow_link() gets dentry_has_perm() and inode_has_perm() open-coded into it so that it can call avc_has_perm_flags() in way that is safe if LOOKUP_RCU is set. Calling avc_has_perm_flags() with rcu_read_lock() held means that when avc_has_perm_noaudit calls avc_compute_av(), the attempt to rcu_read_unlock() before calling security_compute_av() will not actually drop the RCU read-lock. However as security_compute_av() is completely in a read_lock()ed region, it should be safe with the RCU read-lock held. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r--fs/namei.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 33b655de0ec0..0fa7af23cff6 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -881,8 +881,9 @@ const char *get_link(struct nameidata *nd)
touch_atime(&last->link);
- error = security_inode_follow_link(dentry);
- if (error)
+ error = security_inode_follow_link(dentry, inode,
+ nd->flags & LOOKUP_RCU);
+ if (unlikely(error))
return ERR_PTR(error);
nd->last_type = LAST_BIND;