Commit eecdd358b467405a084d400d5ec571bbdbfe97a3

Authored by Al Viro
1 parent cf1dd1dae8

->permission() sanitizing: don't pass flags to exec_permission()

pass mask instead; kill security_inode_exec_permission() since we can use
security_inode_permission() instead.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Showing 3 changed files with 7 additions and 27 deletions

... ... @@ -304,7 +304,7 @@
304 304 /**
305 305 * exec_permission - check for right to do lookups in a given directory
306 306 * @inode: inode to check permission on
307   - * @flags: IPERM_FLAG_ flags.
  307 + * @mask: MAY_EXEC and possibly MAY_NOT_BLOCK flags.
308 308 *
309 309 * Short-cut version of inode_permission(), for calling on directories
310 310 * during pathname resolution. Combines parts of inode_permission()
311 311  
... ... @@ -314,13 +314,10 @@
314 314 * short-cut DAC fails, then call ->permission() to do more
315 315 * complete permission check.
316 316 */
317   -static inline int exec_permission(struct inode *inode, unsigned int flags)
  317 +static inline int exec_permission(struct inode *inode, int mask)
318 318 {
319 319 int ret;
320 320 struct user_namespace *ns = inode_userns(inode);
321   - int mask = MAY_EXEC;
322   - if (flags & IPERM_FLAG_RCU)
323   - mask |= MAY_NOT_BLOCK;
324 321  
325 322 if (inode->i_op->permission) {
326 323 ret = inode->i_op->permission(inode, mask);
... ... @@ -338,7 +335,7 @@
338 335 }
339 336 return ret;
340 337 ok:
341   - return security_inode_exec_permission(inode, flags);
  338 + return security_inode_permission(inode, mask);
342 339 }
343 340  
344 341 /**
345 342  
... ... @@ -1214,13 +1211,13 @@
1214 1211 static inline int may_lookup(struct nameidata *nd)
1215 1212 {
1216 1213 if (nd->flags & LOOKUP_RCU) {
1217   - int err = exec_permission(nd->inode, IPERM_FLAG_RCU);
  1214 + int err = exec_permission(nd->inode, MAY_EXEC|MAY_NOT_BLOCK);
1218 1215 if (err != -ECHILD)
1219 1216 return err;
1220 1217 if (unlazy_walk(nd, NULL))
1221 1218 return -ECHILD;
1222 1219 }
1223   - return exec_permission(nd->inode, 0);
  1220 + return exec_permission(nd->inode, MAY_EXEC);
1224 1221 }
1225 1222  
1226 1223 static inline int handle_dots(struct nameidata *nd, int type)
... ... @@ -1495,7 +1492,7 @@
1495 1492 if (!S_ISDIR(dentry->d_inode->i_mode))
1496 1493 goto fput_fail;
1497 1494  
1498   - retval = exec_permission(dentry->d_inode, 0);
  1495 + retval = exec_permission(dentry->d_inode, MAY_EXEC);
1499 1496 if (retval)
1500 1497 goto fput_fail;
1501 1498 }
... ... @@ -1652,7 +1649,7 @@
1652 1649 struct dentry *dentry;
1653 1650 int err;
1654 1651  
1655   - err = exec_permission(inode, 0);
  1652 + err = exec_permission(inode, MAY_EXEC);
1656 1653 if (err)
1657 1654 return ERR_PTR(err);
1658 1655  
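Review bot: Nothing in the new exec_permission() verifies that `mask` contains MAY_EXEC, so the directory-search check now depends entirely on each caller passing the right bits (signature hunk at old line 317). The old call sites passed `0`, which still compiles against `int mask` and would request no permission bits, so a missed or later-added caller would likely be granted access silently instead of failing the build. A cheap guard at the top of the function, `WARN_ON_ONCE(!(mask & MAY_EXEC));`, or a kernel-doc line stating "@mask must include MAY_EXEC", would make that contract explicit. Separately, the removed security_inode_exec_permission() returned 0 early for IS_PRIVATE inodes, and only the tail of security_inode_permission() is visible on this page, so it is worth confirming that it performs the same short-circuit before the `ok:` path relies on it. Part of exec_permission()'s body lies between the hunks and is not shown.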
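--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1720,7 +1720,6 @@
 int security_inode_readlink(struct dentry *dentry);
 int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
 int security_inode_permission(struct inode *inode, int mask);
-int security_inode_exec_permission(struct inode *inode, unsigned int flags);
 int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
 int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
 int security_inode_setxattr(struct dentry *dentry, const char *name,
@@ -2109,12 +2108,6 @@
 }
 
 static inline int security_inode_permission(struct inode *inode, int mask)
-{
- return 0;
-}
-
-static inline int security_inode_exec_permission(struct inode *inode,
- unsigned int flags)
 {
 return 0;
 }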
... ... @@ -521,16 +521,6 @@
521 521 return security_ops->inode_permission(inode, mask);
522 522 }
523 523  
524   -int security_inode_exec_permission(struct inode *inode, unsigned int flags)
525   -{
526   - int mask = MAY_EXEC;
527   - if (unlikely(IS_PRIVATE(inode)))
528   - return 0;
529   - if (flags)
530   - mask |= MAY_NOT_BLOCK;
531   - return security_ops->inode_permission(inode, mask);
532   -}
533   -
534 524 int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
535 525 {
536 526 if (unlikely(IS_PRIVATE(dentry->d_inode)))