2006-02-22 14:51:18

by James Morris

Subject: [PATCH 1/5] selinuxfs cleanups - fix hard link count

This patch fixes the hard link count for selinuxfs directories, which are
currently one short.

Please apply.


Signed-off-by: James Morris <[email protected]>
Acked-by: Stephen Smalley <[email protected]>

---

security/selinux/selinuxfs.c | 4 ++++
1 file changed, 4 insertions(+)


diff -purN -X dontdiff linux-2.6.16-rc4.o/security/selinux/selinuxfs.c linux-2.6.16-rc4.w/security/selinux/selinuxfs.c
--- linux-2.6.16-rc4.o/security/selinux/selinuxfs.c 2006-02-17 17:23:45.000000000 -0500
+++ linux-2.6.16-rc4.w/security/selinux/selinuxfs.c 2006-02-19 17:48:41.000000000 -0500
@@ -1198,6 +1198,8 @@ static int sel_make_dir(struct super_blo
}
inode->i_op = &simple_dir_inode_operations;
inode->i_fop = &simple_dir_operations;
+ /* directory inodes start off with i_nlink == 2 (for "." entry) */
+ inode->i_nlink++;
d_add(dentry, inode);
out:
return ret;
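Review bot: The added `inode->i_nlink++;` in sel_make_dir() corrects the new directory's own count, but as far as the hunk shows the parent directory's count is not raised for the child's ".." entry, so the parent stays one short per subdirectory. The identical addition in the sel_fill_super() hunk below has the same gap. After `d_add(dentry, inode);` I would add `dentry->d_parent->d_inode->i_nlink++;` with the comment `/* account for the child's ".." link in the parent */`. The existing comment is also slightly off, since the inode only reaches 2 after this increment; `/* directories carry i_nlink == 2: the parent's entry plus "." */` reads more accurately. sel_make_dir() begins above the hunk, so the inode's initial count is inferred from the comment.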
@@ -1239,6 +1241,8 @@ static int sel_fill_super(struct super_b
goto out;
inode->i_op = &simple_dir_inode_operations;
inode->i_fop = &simple_dir_operations;
+ /* directory inodes start off with i_nlink == 2 (for "." entry) */
+ inode->i_nlink++;
d_add(dentry, inode);
bool_dir = dentry;
ret = sel_make_bools();


2006-02-22 14:52:25

by James Morris

Subject: [PATCH 2/5] selinuxfs cleanups - use sel_make_dir()

Use existing sel_make_dir() helper to create booleans directory rather
than duplicating the logic.

Please apply.


Signed-off-by: James Morris <[email protected]>
Acked-by: Stephen Smalley <[email protected]>

---

security/selinux/selinuxfs.c | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)


diff -purN -X dontdiff linux-2.6.16-rc4.p/security/selinux/selinuxfs.c linux-2.6.16-rc4.w/security/selinux/selinuxfs.c
--- linux-2.6.16-rc4.p/security/selinux/selinuxfs.c 2006-02-19 20:00:31.000000000 -0500
+++ linux-2.6.16-rc4.w/security/selinux/selinuxfs.c 2006-02-21 02:24:08.000000000 -0500
@@ -1235,15 +1235,11 @@ static int sel_fill_super(struct super_b
dentry = d_alloc_name(sb->s_root, BOOL_DIR_NAME);
if (!dentry)
return -ENOMEM;
+
+ ret = sel_make_dir(sb, dentry);
+ if (ret)
+ return ret;

- inode = sel_make_inode(sb, S_IFDIR | S_IRUGO | S_IXUGO);
- if (!inode)
- goto out;
- inode->i_op = &simple_dir_inode_operations;
- inode->i_fop = &simple_dir_operations;
- /* directory inodes start off with i_nlink == 2 (for "." entry) */
- inode->i_nlink++;
- d_add(dentry, inode);
bool_dir = dentry;
ret = sel_make_bools();
if (ret)

2006-02-22 14:54:24

by James Morris

Subject: [PATCH 3/5] selinuxfs cleanups - sel_fill_super exit path

This patch unifies the error path of sel_fill_super() so that all errors
pass through the same point and generate an error message. It also removes
a spurious dput() in the error path which breaks the refcounting for the
filesystem (kill_litter_super() will correctly clean things up itself on
error).

Please apply.


Signed-off-by: James Morris <[email protected]>
Acked-by: Stephen Smalley <[email protected]>

---

selinuxfs.c | 41 ++++++++++++++++++++++++-----------------
1 file changed, 24 insertions(+), 17 deletions(-)


diff -purN -X dontdiff linux-2.6.16-rc4.p/security/selinux/selinuxfs.c linux-2.6.16-rc4.w/security/selinux/selinuxfs.c
--- linux-2.6.16-rc4.p/security/selinux/selinuxfs.c 2006-02-21 16:32:54.000000000 -0500
+++ linux-2.6.16-rc4.w/security/selinux/selinuxfs.c 2006-02-21 19:56:04.000000000 -0500
@@ -1230,28 +1230,34 @@ static int sel_fill_super(struct super_b
};
ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files);
if (ret)
- return ret;
+ goto err;

dentry = d_alloc_name(sb->s_root, BOOL_DIR_NAME);
- if (!dentry)
- return -ENOMEM;
+ if (!dentry) {
+ ret = -ENOMEM;
+ goto err;
+ }

ret = sel_make_dir(sb, dentry);
if (ret)
- return ret;
+ goto err;

bool_dir = dentry;
ret = sel_make_bools();
if (ret)
- goto out;
+ goto err;

dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME);
- if (!dentry)
- return -ENOMEM;
+ if (!dentry) {
+ ret = -ENOMEM;
+ goto err;
+ }

inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO);
- if (!inode)
- goto out;
+ if (!inode) {
+ ret = -ENOMEM;
+ goto err;
+ }
isec = (struct inode_security_struct*)inode->i_security;
isec->sid = SECINITSID_DEVNULL;
isec->sclass = SECCLASS_CHR_FILE;
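Review bot: `bool_dir = dentry;` is stored before the remaining allocations can fail. With every failure now routed to `err`, the global appears to keep pointing at a dentry that the superblock teardown named in the description will release; `selinux_null` in the next hunk has the same shape. Whether either global can be read after a failed fill is not determinable from the hunk. If it can, the `err:` block should reset them, e.g. `bool_dir = NULL; selinux_null = NULL;` before the printk. sel_fill_super() starts above this hunk and continues into the next one.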
@@ -1262,22 +1268,23 @@ static int sel_fill_super(struct super_b
selinux_null = dentry;

dentry = d_alloc_name(sb->s_root, "avc");
- if (!dentry)
- return -ENOMEM;
+ if (!dentry) {
+ ret = -ENOMEM;
+ goto err;
+ }

ret = sel_make_dir(sb, dentry);
if (ret)
- goto out;
+ goto err;

ret = sel_make_avc_files(dentry);
if (ret)
- goto out;
-
- return 0;
+ goto err;
out:
- dput(dentry);
+ return ret;
+err:
printk(KERN_ERR "%s: failed while creating inodes\n", __FUNCTION__);
- return -ENOMEM;
+ goto out;
}

static struct super_block *sel_get_sb(struct file_system_type *fs_type,
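Review bot: The `err:` label sits after `out: return ret;` and jumps backwards with `goto out;`, which is harder to follow than a forward-only exit. Since `out` holds no cleanup, the success path can end in `return 0;`, `err:` can end in `return ret;`, and the `out:` label can go. The message is now printed for every failure, including simple_fill_super(), yet it still says "creating inodes" and drops the error code. `printk(KERN_ERR "%s: failed while creating inodes (%d)\n", __FUNCTION__, ret);` would keep the cause visible in the log.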

2006-02-22 14:56:00

by James Morris

Subject: [PATCH 4/5] selinuxfs cleanups - sel_make_bools

Remove the call to sel_make_bools() from sel_fill_super(), as policy needs
to be loaded before the boolean files can be created. Policy will never
be loaded during sel_fill_super() as selinuxfs is kernel mounted during
init and the only means to load policy is via selinuxfs.

Also, the call to d_genocide() on the error path of sel_make_bools() is
incorrect and replaced with sel_remove_bools().

Please apply.


Signed-off-by: James Morris <[email protected]>
Acked-by: Stephen Smalley <[email protected]>


---
security/selinux/selinuxfs.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)

diff -purN -X dontdiff linux-2.6.16-rc4.p/security/selinux/selinuxfs.c linux-2.6.16-rc4.w/security/selinux/selinuxfs.c
--- linux-2.6.16-rc4.p/security/selinux/selinuxfs.c 2006-02-21 19:56:52.000000000 -0500
+++ linux-2.6.16-rc4.w/security/selinux/selinuxfs.c 2006-02-21 20:33:28.000000000 -0500
@@ -987,7 +987,7 @@ out:
return ret;
err:
kfree(values);
- d_genocide(dir);
+ sel_remove_bools(dir);
ret = -ENOMEM;
goto out;
}
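Review bot: Nothing at the call site records why `sel_remove_bools(dir);` replaces `d_genocide(dir);`; the description only calls the old call incorrect. A one-line comment above it would keep a later cleanup from reverting it, for example `/* undo the partially created boolean entries; d_genocide() is for superblock teardown only */`, assuming that is what sel_remove_bools() does. The context line `ret = -ENOMEM;` also overwrites whatever error led to `err`, which would hide a non-allocation failure if one can reach this label. The function body starts above the hunk, so that last point is inferred.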
@@ -1243,9 +1243,6 @@ static int sel_fill_super(struct super_b
goto err;

bool_dir = dentry;
- ret = sel_make_bools();
- if (ret)
- goto err;

dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME);
if (!dentry) {

2006-02-22 14:56:54

by James Morris

Subject: [PATCH 5/5] selinuxfs cleanups - sel_make_avc_files

Fix copy & paste error in sel_make_avc_files(), removing a spurious call
to d_genocide() in the error path. All of this will be cleaned up by
kill_litter_super().

Please apply.


Signed-off-by: James Morris <[email protected]>
Acked-by: Stephen Smalley <[email protected]>


---

security/selinux/selinuxfs.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)

diff -purN -X dontdiff linux-2.6.16-rc4.p/security/selinux/selinuxfs.c linux-2.6.16-rc4.w/security/selinux/selinuxfs.c
--- linux-2.6.16-rc4.p/security/selinux/selinuxfs.c 2006-02-21 20:34:04.000000000 -0500
+++ linux-2.6.16-rc4.w/security/selinux/selinuxfs.c 2006-02-21 20:34:40.000000000 -0500
@@ -1168,22 +1168,19 @@ static int sel_make_avc_files(struct den
dentry = d_alloc_name(dir, files[i].name);
if (!dentry) {
ret = -ENOMEM;
- goto err;
+ goto out;
}

inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
if (!inode) {
ret = -ENOMEM;
- goto err;
+ goto out;
}
inode->i_fop = files[i].ops;
d_add(dentry, inode);
}
out:
return ret;
-err:
- d_genocide(dir);
- goto out;
}

static int sel_make_dir(struct super_block *sb, struct dentry *dentry)
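Review bot: With the `err:` label gone, both failure exits in the loop leave a partially populated directory and depend on the caller's failure path reaching kill_litter_super(), which only the description states. A comment above the loop would record that contract, e.g. `/* on failure, entries added so far are released when the superblock is torn down */`. When sel_make_inode() fails, the dentry just returned by d_alloc_name() is also never passed to d_add(), so its release rests on the same teardown; confirm that holds for an unattached dentry. As a style point, `out:` now guards nothing, so `ret = -ENOMEM; goto out;` can become `return -ENOMEM;` and the label can be dropped.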