linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: jjohansen@suse.de
To: akpm@linux-foundation.org
Cc: linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, Tony Jones <tonyj@suse.de>,
	Andreas Gruenbacher <agruen@suse.de>,
	John Johansen <jjohansen@suse.de>
Subject: [AppArmor 09/44] Add a struct vfsmount parameter to vfs_symlink()
Date: Tue, 26 Jun 2007 16:08:05 -0700	[thread overview]
Message-ID: <20070626230929.501398654@suse.de> (raw)
In-Reply-To: 20070626230756.519733902@suse.de

[-- Attachment #1: vfs-symlink.diff --]
[-- Type: text/plain, Size: 4135 bytes --]

The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.

Signed-off-by: Tony Jones <tonyj@suse.de>
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: John Johansen <jjohansen@suse.de>

---
 fs/ecryptfs/inode.c |    4 +++-
 fs/namei.c          |    6 ++++--
 fs/nfsd/vfs.c       |   12 ++++++++----
 include/linux/fs.h  |    2 +-
 4 files changed, 16 insertions(+), 8 deletions(-)

--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -470,6 +470,7 @@ static int ecryptfs_symlink(struct inode
 {
 	int rc;
 	struct dentry *lower_dentry;
+	struct vfsmount *lower_mnt;
 	struct dentry *lower_dir_dentry;
 	umode_t mode;
 	char *encoded_symname;
@@ -478,6 +479,7 @@ static int ecryptfs_symlink(struct inode
 
 	lower_dentry = ecryptfs_dentry_to_lower(dentry);
 	dget(lower_dentry);
+	lower_mnt = ecryptfs_dentry_to_lower_mnt(dentry);
 	lower_dir_dentry = lock_parent(lower_dentry);
 	mode = S_IALLUGO;
 	encoded_symlen = ecryptfs_encode_filename(crypt_stat, symname,
@@ -487,7 +489,7 @@ static int ecryptfs_symlink(struct inode
 		rc = encoded_symlen;
 		goto out_lock;
 	}
-	rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry,
+	rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry, lower_mnt,
 			 encoded_symname, mode);
 	kfree(encoded_symname);
 	if (rc || !lower_dentry->d_inode)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2203,7 +2203,8 @@ asmlinkage long sys_unlink(const char __
 	return do_unlinkat(AT_FDCWD, pathname);
 }
 
-int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode)
+int vfs_symlink(struct inode *dir, struct dentry *dentry, struct vfsmount *mnt,
+		const char *oldname, int mode)
 {
 	int error = may_create(dir, dentry, NULL);
 
@@ -2249,7 +2250,8 @@ asmlinkage long sys_symlinkat(const char
 	if (IS_ERR(dentry))
 		goto out_unlock;
 
-	error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
+	error = vfs_symlink(nd.dentry->d_inode, dentry, nd.mnt, from,
+			    S_IALLUGO);
 	dput(dentry);
 out_unlock:
 	mutex_unlock(&nd.dentry->d_inode->i_mutex);
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -1436,6 +1436,7 @@ nfsd_symlink(struct svc_rqst *rqstp, str
 				struct iattr *iap)
 {
 	struct dentry	*dentry, *dnew;
+	struct svc_export *exp;
 	__be32		err, cerr;
 	int		host_err;
 	umode_t		mode;
@@ -1462,6 +1463,7 @@ nfsd_symlink(struct svc_rqst *rqstp, str
 	if (iap && (iap->ia_valid & ATTR_MODE))
 		mode = iap->ia_mode & S_IALLUGO;
 
+	exp = fhp->fh_export;
 	if (unlikely(path[plen] != 0)) {
 		char *path_alloced = kmalloc(plen+1, GFP_KERNEL);
 		if (path_alloced == NULL)
@@ -1469,20 +1471,22 @@ nfsd_symlink(struct svc_rqst *rqstp, str
 		else {
 			strncpy(path_alloced, path, plen);
 			path_alloced[plen] = 0;
-			host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced, mode);
+			host_err = vfs_symlink(dentry->d_inode, dnew,
+					       exp->ex_mnt, path_alloced, mode);
 			kfree(path_alloced);
 		}
 	} else
-		host_err = vfs_symlink(dentry->d_inode, dnew, path, mode);
+		host_err = vfs_symlink(dentry->d_inode, dnew, exp->ex_mnt, path,
+				       mode);
 
 	if (!host_err) {
-		if (EX_ISSYNC(fhp->fh_export))
+		if (EX_ISSYNC(exp))
 			host_err = nfsd_sync_dir(dentry);
 	}
 	err = nfserrno(host_err);
 	fh_unlock(fhp);
 
-	cerr = fh_compose(resfhp, fhp->fh_export, dnew, fhp);
+	cerr = fh_compose(resfhp, exp, dnew, fhp);
 	dput(dnew);
 	if (err==0) err = cerr;
 out:
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -995,7 +995,7 @@ extern int vfs_permission(struct nameida
 extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
 extern int vfs_mkdir(struct inode *, struct dentry *, struct vfsmount *, int);
 extern int vfs_mknod(struct inode *, struct dentry *, struct vfsmount *, int, dev_t);
-extern int vfs_symlink(struct inode *, struct dentry *, const char *, int);
+extern int vfs_symlink(struct inode *, struct dentry *, struct vfsmount *, const char *, int);
 extern int vfs_link(struct dentry *, struct inode *, struct dentry *);
 extern int vfs_rmdir(struct inode *, struct dentry *);
 extern int vfs_unlink(struct inode *, struct dentry *);

-- 

  parent reply	other threads:[~2007-06-26 23:13 UTC|newest]

Thread overview: 76+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-06-26 23:07 [AppArmor 00/44] AppArmor security module overview jjohansen
2007-06-26 23:07 ` [AppArmor 01/44] Pass struct vfsmount to the inode_create LSM hook jjohansen
2007-06-30  9:29   ` Christoph Hellwig
2007-07-03 22:28     ` Andreas Gruenbacher
2007-06-26 23:07 ` [AppArmor 02/44] Pass struct path down to remove_suid and children jjohansen
2007-06-26 23:07 ` [AppArmor 03/44] Add a vfsmount parameter to notify_change() jjohansen
2007-06-26 23:08 ` [AppArmor 04/44] Pass struct vfsmount to the inode_setattr LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 05/44] Add struct vfsmount parameter to vfs_mkdir() jjohansen
2007-06-26 23:08 ` [AppArmor 06/44] Pass struct vfsmount to the inode_mkdir LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 07/44] Add a struct vfsmount parameter to vfs_mknod() jjohansen
2007-06-26 23:08 ` [AppArmor 08/44] Pass struct vfsmount to the inode_mknod LSM hook jjohansen
2007-06-26 23:08 ` jjohansen [this message]
2007-06-26 23:08 ` [AppArmor 10/44] Pass struct vfsmount to the inode_symlink " jjohansen
2007-06-26 23:08 ` [AppArmor 11/44] Pass struct vfsmount to the inode_readlink " jjohansen
2007-06-26 23:08 ` [AppArmor 12/44] Add struct vfsmount parameters to vfs_link() jjohansen
2007-06-26 23:08 ` [AppArmor 13/44] Pass the struct vfsmounts to the inode_link LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 14/44] Add a struct vfsmount parameter to vfs_rmdir() jjohansen
2007-06-26 23:08 ` [AppArmor 15/44] Pass struct vfsmount to the inode_rmdir LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 16/44] Call lsm hook before unhashing dentry in vfs_rmdir() jjohansen
2007-06-26 23:08 ` [AppArmor 17/44] Add a struct vfsmount parameter to vfs_unlink() jjohansen
2007-06-26 23:08 ` [AppArmor 18/44] Pass struct vfsmount to the inode_unlink LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 19/44] Add struct vfsmount parameters to vfs_rename() jjohansen
2007-06-26 23:08 ` [AppArmor 20/44] Pass struct vfsmount to the inode_rename LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 21/44] Add a struct vfsmount parameter to vfs_setxattr() jjohansen
2007-06-26 23:08 ` [AppArmor 22/44] Pass struct vfsmount to the inode_setxattr LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 23/44] Add a struct vfsmount parameter to vfs_getxattr() jjohansen
2007-06-26 23:08 ` [AppArmor 25/44] Add a struct vfsmount parameter to vfs_listxattr() jjohansen
2007-06-26 23:08 ` [AppArmor 26/44] Pass struct vfsmount to the inode_listxattr LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 27/44] Add a struct vfsmount parameter to vfs_removexattr() jjohansen
2007-06-26 23:08 ` [AppArmor 28/44] Pass struct vfsmount to the inode_removexattr LSM hook jjohansen
2007-06-26 23:08 ` [AppArmor 29/44] Fix __d_path() for lazy unmounts and make it unambiguous jjohansen
2007-06-26 23:08 ` [AppArmor 30/44] Make d_path() consistent across mount operations jjohansen
2007-06-26 23:08 ` [AppArmor 32/44] Enable LSM hooks to distinguish operations on file descriptors from operations on pathnames jjohansen
2007-06-28 16:12   ` James Morris
2007-06-28 18:15     ` Andreas Gruenbacher
2007-07-03 13:49       ` Stephen Smalley
2007-07-03 20:01         ` Andreas Gruenbacher
2007-06-26 23:08 ` [AppArmor 33/44] Pass struct file down the inode_*xattr security LSM hooks jjohansen
2007-06-26 23:08 ` [AppArmor 34/44] Factor out sysctl pathname code jjohansen
2007-06-26 23:08 ` [AppArmor 35/44] Allow permission functions to tell between parent and leaf checks jjohansen
2007-06-26 23:08 ` [AppArmor 36/44] Export audit subsystem for use by modules jjohansen
2007-06-26 23:08 ` [AppArmor 37/44] AppArmor: Main Part jjohansen
2007-06-26 23:08 ` [AppArmor 38/44] AppArmor: Module and LSM hooks jjohansen
2007-06-26 23:08 ` [AppArmor 39/44] AppArmor: Profile loading and manipulation, pathname matching jjohansen
2007-06-26 23:08 ` [AppArmor 40/44] AppArmor: all the rest jjohansen
2007-06-26 23:08 ` [AppArmor 41/44] Add AppArmor LSM to security/Makefile jjohansen
2007-06-26 23:08 ` [AppArmor 42/44] Switch to vfs_permission() in do_path_lookup() jjohansen
2007-06-26 23:08 ` [AppArmor 43/44] Switch to vfs_permission() in sys_fchdir() jjohansen
2007-06-26 23:08 ` [AppArmor 44/44] Fix file_permission() jjohansen
2007-06-26 23:52 ` [AppArmor 00/44] AppArmor security module overview Andrew Morton
2007-06-27  2:24   ` John Johansen
2007-06-27  2:47     ` Andrew Morton
2007-06-27  6:43       ` John Johansen
2007-06-27 15:11       ` Adrian Bunk
2007-06-27 21:06         ` Crispin Cowan
2007-06-27 21:29           ` Sean
2007-06-27 22:46             ` Crispin Cowan
2007-06-27 23:05               ` David Miller
2007-06-28  0:27                 ` Casey Schaufler
2007-06-28  0:34                   ` David Miller
2007-06-28 10:23                   ` Alan Cox
2007-06-28 13:50                   ` Bill O'Donnell
2007-06-28 11:27                 ` Tilman Schmidt
2007-06-28 12:48                   ` Adrian Bunk
2007-06-27 22:41         ` Andreas Dilger
2007-07-02 16:45         ` Eric W. Biederman
2007-07-02 19:31           ` Casey Schaufler
2007-07-02 20:15             ` Christoph Hellwig
2007-07-02 21:09               ` Casey Schaufler
2007-07-03 16:33               ` Andreas Gruenbacher
2007-06-29 18:06       ` Pavel Machek
2007-07-03  6:20       ` Dave Jones
2007-06-27 10:58     ` Kyle Moffett
2007-06-27 13:37       ` Andreas Gruenbacher
2007-06-27  0:32 ` [AppArmor 24/44] Pass struct vfsmount to the inode_getxattr LSM hook jjohansen
2007-06-27  0:32 ` [AppArmor 31/44] Add d_namespace_path() to compute namespace relative pathnames jjohansen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070626230929.501398654@suse.de \
    --to=jjohansen@suse.de \
    --cc=agruen@suse.de \
    --cc=akpm@linux-foundation.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=tonyj@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).