Commit cb622bbb69e41f2746aadf5d7d527e77597abe2e
Committed by
Linus Torvalds
Linus Torvalds
1 parent
58336114af
Exists in
master
and in
4 other branches
smackfs: remove redundant lock, fix open(,O_RDWR)
Older smackfs was parsing MAC rules by characters, thus a need of locking write sessions on open() was needed. This lock is no longer useful now since each rule is handled by a single write() call. This is also a bugfix since seq_open() was not called if an open() O_RDWR flag was given, leading to a seq_read() without an initialized seq_file, thus an Oops. Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Reported-by: Jonathan Corbet <corbet@lwn.net> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 1 changed file with 2 additions and 33 deletions Side-by-side Diff
security/smack/smackfs.c
| ... | ... | @@ -74,11 +74,6 @@ |
| 74 | 74 | #define SEQ_READ_FINISHED 1 |
| 75 | 75 | |
| 76 | 76 | /* |
| 77 | - * Disable concurrent writing open() operations | |
| 78 | - */ | |
| 79 | -static struct semaphore smack_write_sem; | |
| 80 | - | |
| 81 | -/* | |
| 82 | 77 | * Values for parsing cipso rules |
| 83 | 78 | * SMK_DIGITLEN: Length of a digit field in a rule. |
| 84 | 79 | * SMK_CIPSOMIN: Minimum possible cipso rule length. |
| 85 | 80 | |
| ... | ... | @@ -168,35 +163,10 @@ |
| 168 | 163 | */ |
| 169 | 164 | static int smk_open_load(struct inode *inode, struct file *file) |
| 170 | 165 | { |
| 171 | - if ((file->f_flags & O_ACCMODE) == O_RDONLY) | |
| 172 | - return seq_open(file, &load_seq_ops); | |
| 173 | - | |
| 174 | - if (down_interruptible(&smack_write_sem)) | |
| 175 | - return -ERESTARTSYS; | |
| 176 | - | |
| 177 | - return 0; | |
| 166 | + return seq_open(file, &load_seq_ops); | |
| 178 | 167 | } |
| 179 | 168 | |
| 180 | 169 | /** |
| 181 | - * smk_release_load - release() for /smack/load | |
| 182 | - * @inode: inode structure representing file | |
| 183 | - * @file: "load" file pointer | |
| 184 | - * | |
| 185 | - * For a reading session, use the seq_file release | |
| 186 | - * implementation. | |
| 187 | - * Otherwise, we are at the end of a writing session so | |
| 188 | - * clean everything up. | |
| 189 | - */ | |
| 190 | -static int smk_release_load(struct inode *inode, struct file *file) | |
| 191 | -{ | |
| 192 | - if ((file->f_flags & O_ACCMODE) == O_RDONLY) | |
| 193 | - return seq_release(inode, file); | |
| 194 | - | |
| 195 | - up(&smack_write_sem); | |
| 196 | - return 0; | |
| 197 | -} | |
| 198 | - | |
| 199 | -/** | |
| 200 | 170 | * smk_set_access - add a rule to the rule list |
| 201 | 171 | * @srp: the new rule to add |
| 202 | 172 | * |
| ... | ... | @@ -341,7 +311,7 @@ |
| 341 | 311 | .read = seq_read, |
| 342 | 312 | .llseek = seq_lseek, |
| 343 | 313 | .write = smk_write_load, |
| 344 | - .release = smk_release_load, | |
| 314 | + .release = seq_release, | |
| 345 | 315 | }; |
| 346 | 316 | |
| 347 | 317 | /** |
| ... | ... | @@ -1011,7 +981,6 @@ |
| 1011 | 981 | } |
| 1012 | 982 | } |
| 1013 | 983 | |
| 1014 | - sema_init(&smack_write_sem, 1); | |
| 1015 | 984 | smk_cipso_doi(); |
| 1016 | 985 | smk_unlbl_ambient(NULL); |
| 1017 | 986 |