Received: by 2002:ac0:adb4:0:0:0:0:0 with SMTP id o49-v6csp5792imb; Tue, 10 Jul 2018 19:27:20 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcp8zRmL1EEIV8Iv4nPcLkK9ARLPL34Pk/TszkAvGL2oLRykpg3u6uoHIRbJ/EH8PuVXbeu X-Received: by 2002:a17:902:a702:: with SMTP id w2-v6mr27191115plq.41.1531276040654; Tue, 10 Jul 2018 19:27:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531276040; cv=none; d=google.com; s=arc-20160816; b=WTGzEl4Vte7UGWP1aTZpEbASLaqXE3b5rUAN39SiNw4EGM7AvWm0mWSDJ6wN9YHL75 jSTzr2bxmGERbRz5KfbgVpZ2FprLxdsvg9Tvv190nr5p/TJKMW25NszJqQTDbvMU+6+r 8hN+PuW7z4TwUUawxbWzORMmk4uQPQ68uqv7VnoCd8KDoSW/ko498d0QiImwfAu3Mxdq dRJ0wN68PHHocg2cbsDhYLflJ9rmndzQ3J5sFVdGpk+M3gitR58+npMnQNxBFPt0Tzwn 9Tl/iq2GlJ5b2ri56ZhJPukpWRQXTP9YunyE4k/UPV4x3WQxIu/TkXi8rSMsb8IdMKXN f3Uw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=BcZjhdD0cNph/5CkSH5HScqHDEkkvCzJkyfnSf5Wc98=; b=gZ6y6ImvMToFt7vH2Qjdyqdn6/QaJMrTwDq6r93LHHfhZ8Tl7oOzapNRrk2aQS5BmH Mm9J2VE180ZNqxiYCse0iucpBwUluXuM6ocRQ83hox5VVJuVBcoCSUSYk706kY9GpAHH f6LwHM+GpV/BFSndyHJOGNHn7hDwKdoU6GggCe65MqW6vu8Jkr0fw19FjiFkrM7Suu7x NDUtr8KA7x9dIu+A9PieMsaEAnPVRAwLOC3aeMezgXOnHZMV7HT2yL77KXuxbrO8ELz0 iDP18binGAta+GhBccOZLIlbPEw7lDtLSUQ0KeFd9po9qjSH96nMnmsxRtqqr4H/yWKr ZnUw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p1-v6si18530987plb.204.2018.07.10.19.27.05; Tue, 10 Jul 2018 19:27:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732510AbeGKCYF (ORCPT + 99 others); Tue, 10 Jul 2018 22:24:05 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:45550 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732379AbeGKCYD (ORCPT ); Tue, 10 Jul 2018 22:24:03 -0400 Received: from viro by ZenIV.linux.org.uk with local (Exim 4.87 #1 (Red Hat Linux)) id 1fd4lb-0003IR-9G; Wed, 11 Jul 2018 02:22:07 +0000 From: Al Viro To: Linus Torvalds Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Miklos Szeredi Subject: [RFC][PATCH 12/42] ->file_open(): lose cred argument Date: Wed, 11 Jul 2018 03:21:36 +0100 Message-Id: <20180711022206.12571-12-viro@ZenIV.linux.org.uk> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180711022206.12571-1-viro@ZenIV.linux.org.uk> References: <20180711021136.GN30522@ZenIV.linux.org.uk> <20180711022206.12571-1-viro@ZenIV.linux.org.uk> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Al Viro Signed-off-by: Al Viro --- include/linux/lsm_hooks.h | 2 +- security/apparmor/lsm.c | 4 ++-- security/security.c | 2 +- security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 6 +++--- security/tomoyo/tomoyo.c | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 8f1131c8dd54..a8ee106b865d 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1569,7 +1569,7 @@ union security_list_options { int (*file_send_sigiotask)(struct task_struct *tsk, struct fown_struct *fown, int sig); int (*file_receive)(struct file *file); - int (*file_open)(struct file *file, const struct cred *cred); + int (*file_open)(struct file *file); int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); void (*task_free)(struct task_struct *task); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 74f17376202b..8b8b70620bbe 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -395,7 +395,7 @@ static int apparmor_inode_getattr(const struct path *path) return common_perm_cond(OP_GETATTR, path, AA_MAY_GETATTR); } -static int apparmor_file_open(struct file *file, const struct cred *cred) +static int apparmor_file_open(struct file *file) { struct aa_file_ctx *fctx = file_ctx(file); struct aa_label *label; @@ -414,7 +414,7 @@ static int apparmor_file_open(struct file *file, const struct cred *cred) return 0; } - label = aa_get_newest_cred_label(cred); + label = aa_get_newest_cred_label(file->f_cred); if (!unconfined(label)) { struct inode *inode = file_inode(file); struct path_cond cond = { inode->i_uid, inode->i_mode }; diff --git a/security/security.c b/security/security.c index 235b35f58a65..5dce67070cdf 100644 --- a/security/security.c +++ b/security/security.c @@ -974,7 +974,7 @@ int security_file_open(struct file *file) { int ret; - ret = call_int_hook(file_open, 0, file, file->f_cred); + ret = call_int_hook(file_open, 0, file); if (ret) return ret; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2b5ee5fbd652..18006be15713 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3862,7 +3862,7 @@ static int selinux_file_receive(struct file *file) return file_has_perm(cred, file, file_to_av(file)); } -static int selinux_file_open(struct file *file, const struct cred *cred) +static int selinux_file_open(struct file *file) { struct file_security_struct *fsec; struct inode_security_struct *isec; @@ -3886,7 +3886,7 @@ static int selinux_file_open(struct file *file, const struct cred *cred) * new inode label or new policy. * This check is not redundant - do not remove. */ - return file_path_has_perm(cred, file, open_file_to_av(file)); + return file_path_has_perm(file->f_cred, file, open_file_to_av(file)); } /* task security operations */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7ad226018f51..e7b6c012431d 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1927,9 +1927,9 @@ static int smack_file_receive(struct file *file) * * Returns 0 */ -static int smack_file_open(struct file *file, const struct cred *cred) +static int smack_file_open(struct file *file) { - struct task_smack *tsp = cred->security; + struct task_smack *tsp = file->f_cred->security; struct inode *inode = file_inode(file); struct smk_audit_info ad; int rc; @@ -1937,7 +1937,7 @@ static int smack_file_open(struct file *file, const struct cred *cred) smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); smk_ad_setfield_u_fs_path(&ad, file->f_path); rc = smk_tskacc(tsp, smk_of_inode(inode), MAY_READ, &ad); - rc = smk_bu_credfile(cred, file, MAY_READ, rc); + rc = smk_bu_credfile(file->f_cred, file, MAY_READ, rc); return rc; } diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 213b8c593668..9f932e2d6852 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -320,7 +320,7 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, * * Returns 0 on success, negative value otherwise. */ -static int tomoyo_file_open(struct file *f, const struct cred *cred) +static int tomoyo_file_open(struct file *f) { int flags = f->f_flags; /* Don't check read permission here if called from do_execve(). */ -- 2.11.0