SELinux: rename dentry_open to file_open (83d49856) · Commits · jan.koester / Linux

fs/open.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -681,7 +681,7 @@ static struct file __dentry_open(struct dentry dentry, struct vfsmount *mnt,

		f->f_op = fops_get(inode->i_fop);

		error = security_dentry_open(f, cred);
		error = security_file_open(f, cred);
		if (error)
		goto cleanup_all;

include/linux/security.h

+5 −8

Original line number	Diff line number	Diff line
		@@ -639,10 +639,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
		* to receive an open file descriptor via socket IPC.
		* @file contains the file structure being received.
		* Return 0 if permission is granted.
		*
		* Security hook for dentry
		*
		* @dentry_open
		* @file_open
		* Save open-time permission checking state for later use upon
		* file_permission, and recheck access if anything has changed
		* since inode_permission.
		@@ -1497,7 +1494,7 @@ struct security_operations {
		int (file_send_sigiotask) (struct task_struct tsk,
		struct fown_struct *fown, int sig);
		int (file_receive) (struct file file);
		int (dentry_open) (struct file file, const struct cred *cred);
		int (file_open) (struct file file, const struct cred *cred);

		int (*task_create) (unsigned long clone_flags);
		void (task_free) (struct task_struct task);
		@@ -1756,7 +1753,7 @@ int security_file_set_fowner(struct file *file);
		int security_file_send_sigiotask(struct task_struct *tsk,
		struct fown_struct *fown, int sig);
		int security_file_receive(struct file *file);
		int security_dentry_open(struct file file, const struct cred cred);
		int security_file_open(struct file file, const struct cred cred);
		int security_task_create(unsigned long clone_flags);
		void security_task_free(struct task_struct *task);
		int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
		@@ -2227,7 +2224,7 @@ static inline int security_file_receive(struct file *file)
		return 0;
		}

		static inline int security_dentry_open(struct file *file,
		static inline int security_file_open(struct file *file,
		const struct cred *cred)
		{
		return 0;

security/apparmor/lsm.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -373,7 +373,7 @@ static int apparmor_inode_getattr(struct vfsmount mnt, struct dentry dentry)
		AA_MAY_META_READ);
		}

		static int apparmor_dentry_open(struct file file, const struct cred cred)
		static int apparmor_file_open(struct file file, const struct cred cred)
		{
		struct aa_file_cxt *fcxt = file->f_security;
		struct aa_profile *profile;
		@@ -640,9 +640,9 @@ static struct security_operations apparmor_ops = {
		.path_chmod = apparmor_path_chmod,
		.path_chown = apparmor_path_chown,
		.path_truncate = apparmor_path_truncate,
		.dentry_open = apparmor_dentry_open,
		.inode_getattr = apparmor_inode_getattr,

		.file_open = apparmor_file_open,
		.file_permission = apparmor_file_permission,
		.file_alloc_security = apparmor_file_alloc_security,
		.file_free_security = apparmor_file_free_security,

security/capability.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -348,7 +348,7 @@ static int cap_file_receive(struct file *file)
		return 0;
		}

		static int cap_dentry_open(struct file file, const struct cred cred)
		static int cap_file_open(struct file file, const struct cred cred)
		{
		return 0;
		}
		@@ -956,7 +956,7 @@ void __init security_fixup_ops(struct security_operations *ops)
		set_to_cap_if_null(ops, file_set_fowner);
		set_to_cap_if_null(ops, file_send_sigiotask);
		set_to_cap_if_null(ops, file_receive);
		set_to_cap_if_null(ops, dentry_open);
		set_to_cap_if_null(ops, file_open);
		set_to_cap_if_null(ops, task_create);
		set_to_cap_if_null(ops, task_free);
		set_to_cap_if_null(ops, cred_alloc_blank);

security/security.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -701,11 +701,11 @@ int security_file_receive(struct file *file)
		return security_ops->file_receive(file);
		}

		int security_dentry_open(struct file file, const struct cred cred)
		int security_file_open(struct file file, const struct cred cred)
		{
		int ret;

		ret = security_ops->dentry_open(file, cred);
		ret = security_ops->file_open(file, cred);
		if (ret)
		return ret;