diff options
| author | Matthew Wilcox <matthew@wil.cx> | 2002-07-27 06:08:53 -0700 |
|---|---|---|
| committer | Russell King <rmk@flint.arm.linux.org.uk> | 2002-07-27 06:08:53 -0700 |
| commit | c997a03d28c9c79cd65ecfec3bd08097cb20f2bc (patch) | |
| tree | 18a554cd677fac38f15a195e61f2f94298e4eb04 | |
| parent | cab49a97104a6f6996ea42418515fd3dbc42f199 (diff) | |
[PATCH] LSM file locking patch is bogus
- Remove third argument from file_lock security op. Whether the lock is
blocking or not cannot make any difference to a security module!
- Fix the call in sys_flock to pass the translated lock command, not the
original.
- Add a call in fcntl_setlease. If they're going to know about two types
of lock, let's tell them about the third too.
| -rw-r--r-- | fs/locks.c | 12 | ||||
| -rw-r--r-- | include/linux/security.h | 3 |
2 files changed, 7 insertions, 8 deletions
diff --git a/fs/locks.c b/fs/locks.c index cb801127400a..3b606b44e7df 100644 --- a/fs/locks.c +++ b/fs/locks.c @@ -1242,6 +1242,9 @@ int fcntl_setlease(unsigned int fd, struct file *filp, long arg) return -EACCES; if (!S_ISREG(inode->i_mode)) return -EINVAL; + error = security_ops->file_lock(filp, arg); + if (error) + return error; lock_kernel(); @@ -1359,8 +1362,7 @@ asmlinkage long sys_flock(unsigned int fd, unsigned int cmd) if (error < 0) goto out_putf; - error = security_ops->file_lock(filp, cmd, - (cmd & LOCK_NB) ? 0 : 1); + error = security_ops->file_lock(filp, lock->fl_type); if (error) goto out_putf; @@ -1494,8 +1496,7 @@ int fcntl_setlk(struct file *filp, unsigned int cmd, struct flock *l) goto out; } - error = security_ops->file_lock(filp, file_lock->fl_type, - cmd == F_SETLKW); + error = security_ops->file_lock(filp, file_lock->fl_type); if (error) goto out; @@ -1618,8 +1619,7 @@ int fcntl_setlk64(struct file *filp, unsigned int cmd, struct flock64 *l) goto out; } - error = security_ops->file_lock(filp, file_lock->fl_type, - cmd == F_SETLKW64); + error = security_ops->file_lock(filp, file_lock->fl_type); if (error) goto out; diff --git a/include/linux/security.h b/include/linux/security.h index 156e9ddce632..34fd73a0fed2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -407,7 +407,6 @@ struct swap_info_struct; * @file contains the file structure. * @cmd contains the posix-translated lock operation to perform * (e.g. F_RDLCK, F_WRLCK). - * @blocking indicates if the request is for a blocking lock. * Return 0 if permission is granted. * @file_fcntl: * Check permission before allowing the file operation specified by @cmd @@ -753,7 +752,7 @@ struct security_operations { int (*file_mmap) (struct file * file, unsigned long prot, unsigned long flags); int (*file_mprotect) (struct vm_area_struct * vma, unsigned long prot); - int (*file_lock) (struct file * file, unsigned int cmd, int blocking); + int (*file_lock) (struct file * file, unsigned int cmd); int (*file_fcntl) (struct file * file, unsigned int cmd, unsigned long arg); int (*file_set_fowner) (struct file * file); |