2003-05-01 20:10:01

by Stephen Smalley

[permalink] [raw]
Subject: [PATCH] Move security_d_instantiate hook calls in 2.5.68

This patch against 2.5.68 moves the security_d_instantiate hook calls in
d_instantiate and d_splice_alias after the inode has been attached to
the dentry. This change is necessary so that security modules can
internally call the getxattr inode operation (which takes a dentry
parameter) from this hook to obtain the inode security label. Please
apply, or let me know if any changes are needed.


dcache.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)

Index: linux-2.5/fs/dcache.c
===================================================================
RCS file: /home/pal/CVS/linux-2.5/fs/dcache.c,v
retrieving revision 1.5
diff -u -r1.5 dcache.c
--- linux-2.5/fs/dcache.c 21 Apr 2003 15:03:31 -0000 1.5
+++ linux-2.5/fs/dcache.c 28 Apr 2003 11:42:05 -0000
@@ -763,12 +763,12 @@
void d_instantiate(struct dentry *entry, struct inode * inode)
{
if (!list_empty(&entry->d_alias)) BUG();
- security_d_instantiate(entry, inode);
spin_lock(&dcache_lock);
if (inode)
list_add(&entry->d_alias, &inode->i_dentry);
entry->d_inode = inode;
spin_unlock(&dcache_lock);
+ security_d_instantiate(entry, inode);
}

/**
@@ -896,12 +896,12 @@
struct dentry *new = NULL;

if (inode && S_ISDIR(inode->i_mode)) {
- security_d_instantiate(dentry, inode);
spin_lock(&dcache_lock);
if (!list_empty(&inode->i_dentry)) {
new = list_entry(inode->i_dentry.next, struct dentry, d_alias);
__dget_locked(new);
spin_unlock(&dcache_lock);
+ security_d_instantiate(dentry, inode);
d_rehash(dentry);
d_move(new, dentry);
iput(inode);
@@ -910,6 +910,7 @@
list_add(&dentry->d_alias, &inode->i_dentry);
dentry->d_inode = inode;
spin_unlock(&dcache_lock);
+ security_d_instantiate(dentry, inode);
d_rehash(dentry);
}
} else


--
Stephen Smalley <[email protected]>
National Security Agency