From 11be0b3c18d654a8d5ed441fa9e988193a57c1d2 Mon Sep 17 00:00:00 2001 From: Vsevolod Alekseev Date: Sat, 5 Nov 2011 02:35:28 -0700 Subject: security.h: fix misc typos/grammar errors in comments Fix various typos/grammar errors in include/linux/security.h comments (no code changes). Signed-off-by: Vsevolod Alekseev Acked-by: Randy Dunlap Signed-off-by: Jiri Kosina --- include/linux/security.h | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 19d8e04e1688..94c35336b86b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -186,7 +186,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Security module identifier. * * @name: - * A string that acts as a unique identifeir for the LSM with max number + * A string that acts as a unique identifier for the LSM with max number * of characters = SECURITY_NAME_MAX. * * Security hooks for program execution operations. @@ -275,7 +275,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @copy copied data which will be passed to the security module. * Returns 0 if the copy was successful. * @sb_remount: - * Extracts security system specifc mount options and verifys no changes + * Extracts security system specific mount options and verifies no changes * are being made to those options. * @sb superblock being remounted * @data contains the filesystem-specific data. @@ -380,15 +380,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Return 0 if permission is granted. * @inode_mkdir: * Check permissions to create a new directory in the existing directory - * associated with inode strcture @dir. - * @dir containst the inode structure of parent of the directory to be created. + * associated with inode structure @dir. + * @dir contains the inode structure of parent of the directory to be created. * @dentry contains the dentry structure of new directory. * @mode contains the mode of new directory. * Return 0 if permission is granted. * @path_mkdir: * Check permissions to create a new directory in the existing directory - * associated with path strcture @path. - * @dir containst the path structure of parent of the directory + * associated with path structure @path. + * @dir contains the path structure of parent of the directory * to be created. * @dentry contains the dentry structure of new directory. * @mode contains the mode of new directory. @@ -578,7 +578,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @file contains the file structure. * @cmd contains the operation to perform. * @arg contains the operational arguments. - * Check permission for an ioctl operation on @file. Note that @arg can + * Check permission for an ioctl operation on @file. Note that @arg * sometimes represents a user space pointer; in other cases, it may be a * simple integer value. When @arg represents a user space pointer, it * should never be used by the security module. @@ -606,7 +606,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Return 0 if permission is granted. * @file_fcntl: * Check permission before allowing the file operation specified by @cmd - * from being performed on the file @file. Note that @arg can sometimes + * from being performed on the file @file. Note that @arg sometimes * represents a user space pointer; in other cases, it may be a simple * integer value. When @arg represents a user space pointer, it should * never be used by the security module. @@ -793,7 +793,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * information can be saved using the eff_cap field of the * netlink_skb_parms structure. Also may be used to provide fine * grained control over message transmission. - * @sk associated sock of task sending the message., + * @sk associated sock of task sending the message. * @skb contains the sk_buff structure for the netlink message. * Return 0 if the information was successfully saved and message * is allowed to be transmitted. @@ -1080,9 +1080,9 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * should free it. * @key points to the key to be queried. * @_buffer points to a pointer that should be set to point to the - * resulting string (if no label or an error occurs). + * resulting string (if no label or an error occurs). * Return the length of the string (including terminating NUL) or -ve if - * an error. + * an error. * May also return 0 (and a NULL buffer pointer) if there is no label. * * Security hooks affecting all System V IPC operations. @@ -1268,7 +1268,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * credentials. * @tsk contains the task_struct for the process. * @cred contains the credentials to use. - * @ns contains the user namespace we want the capability in + * @ns contains the user namespace we want the capability in * @cap contains the capability . * @audit: Whether to write an audit message or not * Return 0 if the capability is granted for @tsk. @@ -1370,7 +1370,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @ctxlen contains the length of @ctx. * * @inode_getsecctx: - * Returns a string containing all relavent security context information + * Returns a string containing all relevant security context information * * @inode we wish to get the security context of. * @ctx is a pointer in which to place the allocated security context. -- cgit v1.2.3-70-g09d2 From 1933ca8771585d43d3d2099c0c9ba7ca6b96e303 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Tue, 15 Nov 2011 15:11:44 -0800 Subject: include/linux/security.h: fix security_inode_init_security() arg Make the security_inode_init_security() initxattrs arg const, to match the non-stubbed version of that function. Cc: James Morris Signed-off-by: Andrew Morton Signed-off-by: James Morris --- include/linux/security.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 19d8e04e1688..051d4e96cb1f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2044,7 +2044,7 @@ static inline void security_inode_free(struct inode *inode) static inline int security_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, - initxattrs initxattrs, + const initxattrs initxattrs, void *fs_data) { return 0; -- cgit v1.2.3-70-g09d2 From 114d6e9c103736487c967060d0a7aec9a7fce967 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Mon, 19 Dec 2011 11:32:56 -0800 Subject: security: update security_file_mmap() docs This documents the fields added to security_file_mmap() that were introduced in ed0321895182ffb6ecf210e066d87911b270d587. Signed-off-by: Kees Cook Signed-off-by: James Morris --- include/linux/security.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 051d4e96cb1f..16bb52a65fa3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -590,6 +590,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @reqprot contains the protection requested by the application. * @prot contains the protection that will be applied by the kernel. * @flags contains the operational flags. + * @addr contains virtual address that will be used for the operation. + * @addr_only contains a boolean: 0 if file-backed VMA, otherwise 1. * Return 0 if permission is granted. * @file_mprotect: * Check permissions before changing memory access permissions. -- cgit v1.2.3-70-g09d2 From 30e053248da178cf6154bb7e950dc8713567e3fa Mon Sep 17 00:00:00 2001 From: Jan Kara Date: Tue, 3 Jan 2012 13:14:29 +0100 Subject: security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set Commit 1e39f384bb01 ("evm: fix build problems") makes the stub version of security_old_inode_init_security() return 0 when CONFIG_SECURITY is not set. But that makes callers such as reiserfs_security_init() assume that security_old_inode_init_security() has set name, value, and len arguments properly - but security_old_inode_init_security() left them uninitialized which then results in interesting failures. Revert security_old_inode_init_security() to the old behavior of returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this just fine. [ Also fixed the S_PRIVATE(inode) case of the actual non-stub security_old_inode_init_security() function to return EOPNOTSUPP for the same reason, as pointed out by Mimi Zohar. It got incorrectly changed to match the new function in commit fb88c2b6cbb1: "evm: fix security/security_old_init_security return code". - Linus ] Reported-by: Jorge Bastos Acked-by: James Morris Acked-by: Mimi Zohar Signed-off-by: Jan Kara Signed-off-by: Linus Torvalds --- include/linux/security.h | 2 +- security/security.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 19d8e04e1688..e8c619d39291 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode, char **name, void **value, size_t *len) { - return 0; + return -EOPNOTSUPP; } static inline int security_inode_create(struct inode *dir, diff --git a/security/security.c b/security/security.c index 0c6cc69c8f86..e2f684aeb70c 100644 --- a/security/security.c +++ b/security/security.c @@ -381,7 +381,7 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir, void **value, size_t *len) { if (unlikely(IS_PRIVATE(inode))) - return 0; + return -EOPNOTSUPP; return security_ops->inode_init_security(inode, dir, qstr, name, value, len); } -- cgit v1.2.3-70-g09d2 From 18bb1db3e7607e4a997d50991a6f9fa5b0f8722c Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 26 Jul 2011 01:41:39 -0400 Subject: switch vfs_mkdir() and ->mkdir() to umode_t vfs_mkdir() gets int, but immediately drops everything that might not fit into umode_t and that's the only caller of ->mkdir()... Signed-off-by: Al Viro --- Documentation/filesystems/Locking | 2 +- Documentation/filesystems/vfs.txt | 2 +- drivers/staging/pohmelfs/dir.c | 2 +- fs/9p/vfs_inode.c | 2 +- fs/9p/vfs_inode_dotl.c | 2 +- fs/affs/affs.h | 2 +- fs/affs/namei.c | 4 ++-- fs/afs/dir.c | 6 +++--- fs/autofs4/root.c | 4 ++-- fs/bad_inode.c | 2 +- fs/btrfs/inode.c | 2 +- fs/ceph/dir.c | 4 ++-- fs/cifs/cifsfs.h | 2 +- fs/cifs/inode.c | 4 ++-- fs/coda/dir.c | 4 ++-- fs/configfs/dir.c | 2 +- fs/ecryptfs/inode.c | 2 +- fs/exofs/namei.c | 2 +- fs/ext2/namei.c | 2 +- fs/ext3/namei.c | 2 +- fs/ext4/namei.c | 2 +- fs/fat/namei_msdos.c | 2 +- fs/fat/namei_vfat.c | 2 +- fs/fuse/dir.c | 2 +- fs/gfs2/inode.c | 2 +- fs/hfs/dir.c | 2 +- fs/hfsplus/dir.c | 2 +- fs/hostfs/hostfs_kern.c | 2 +- fs/hpfs/namei.c | 2 +- fs/hugetlbfs/inode.c | 2 +- fs/jffs2/dir.c | 4 ++-- fs/jfs/namei.c | 2 +- fs/logfs/dir.c | 2 +- fs/minix/namei.c | 2 +- fs/namei.c | 2 +- fs/ncpfs/dir.c | 4 ++-- fs/nfs/dir.c | 4 ++-- fs/nilfs2/namei.c | 2 +- fs/ocfs2/dlmfs/dlmfs.c | 2 +- fs/ocfs2/namei.c | 2 +- fs/omfs/dir.c | 2 +- fs/ramfs/inode.c | 2 +- fs/reiserfs/namei.c | 2 +- fs/reiserfs/xattr.c | 2 +- fs/sysv/namei.c | 2 +- fs/ubifs/dir.c | 4 ++-- fs/udf/namei.c | 2 +- fs/ufs/namei.c | 2 +- fs/xfs/xfs_iops.c | 2 +- include/linux/fs.h | 4 ++-- include/linux/security.h | 4 ++-- kernel/cgroup.c | 4 ++-- mm/shmem.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/selinux/hooks.c | 2 +- 56 files changed, 70 insertions(+), 70 deletions(-) (limited to 'include/linux/security.h') diff --git a/Documentation/filesystems/Locking b/Documentation/filesystems/Locking index d819ba16a0c7..6c7676d9c0ea 100644 --- a/Documentation/filesystems/Locking +++ b/Documentation/filesystems/Locking @@ -43,7 +43,7 @@ ata *); int (*link) (struct dentry *,struct inode *,struct dentry *); int (*unlink) (struct inode *,struct dentry *); int (*symlink) (struct inode *,struct dentry *,const char *); - int (*mkdir) (struct inode *,struct dentry *,int); + int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); int (*mknod) (struct inode *,struct dentry *,int,dev_t); int (*rename) (struct inode *, struct dentry *, diff --git a/Documentation/filesystems/vfs.txt b/Documentation/filesystems/vfs.txt index 43cbd0821721..0c147c79cdd8 100644 --- a/Documentation/filesystems/vfs.txt +++ b/Documentation/filesystems/vfs.txt @@ -346,7 +346,7 @@ struct inode_operations { int (*link) (struct dentry *,struct inode *,struct dentry *); int (*unlink) (struct inode *,struct dentry *); int (*symlink) (struct inode *,struct dentry *,const char *); - int (*mkdir) (struct inode *,struct dentry *,int); + int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); int (*mknod) (struct inode *,struct dentry *,int,dev_t); int (*rename) (struct inode *, struct dentry *, diff --git a/drivers/staging/pohmelfs/dir.c b/drivers/staging/pohmelfs/dir.c index 7598e77672a5..d3ad4dde991f 100644 --- a/drivers/staging/pohmelfs/dir.c +++ b/drivers/staging/pohmelfs/dir.c @@ -667,7 +667,7 @@ static int pohmelfs_create(struct inode *dir, struct dentry *dentry, int mode, return pohmelfs_create_entry(dir, dentry, 0, mode); } -static int pohmelfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int pohmelfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int err; diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c index 2310cc9eb402..3e54900f3b7e 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c @@ -785,7 +785,7 @@ error: * */ -static int v9fs_vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int v9fs_vfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int err; u32 perm; diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c index 0b5745e21946..87e46b19b21b 100644 --- a/fs/9p/vfs_inode_dotl.c +++ b/fs/9p/vfs_inode_dotl.c @@ -395,7 +395,7 @@ err_clunk_old_fid: */ static int v9fs_vfs_mkdir_dotl(struct inode *dir, - struct dentry *dentry, int omode) + struct dentry *dentry, umode_t omode) { int err; struct v9fs_session_info *v9ses; diff --git a/fs/affs/affs.h b/fs/affs/affs.h index c2b9c79eb64e..8abcad7c935f 100644 --- a/fs/affs/affs.h +++ b/fs/affs/affs.h @@ -157,7 +157,7 @@ extern int affs_hash_name(struct super_block *sb, const u8 *name, unsigned int l extern struct dentry *affs_lookup(struct inode *dir, struct dentry *dentry, struct nameidata *); extern int affs_unlink(struct inode *dir, struct dentry *dentry); extern int affs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *); -extern int affs_mkdir(struct inode *dir, struct dentry *dentry, int mode); +extern int affs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); extern int affs_rmdir(struct inode *dir, struct dentry *dentry); extern int affs_link(struct dentry *olddentry, struct inode *dir, struct dentry *dentry); diff --git a/fs/affs/namei.c b/fs/affs/namei.c index 780a11dc6318..7bb7660f805d 100644 --- a/fs/affs/namei.c +++ b/fs/affs/namei.c @@ -285,12 +285,12 @@ affs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata } int -affs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +affs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; int error; - pr_debug("AFFS: mkdir(%lu,\"%.*s\",0%o)\n",dir->i_ino, + pr_debug("AFFS: mkdir(%lu,\"%.*s\",0%ho)\n",dir->i_ino, (int)dentry->d_name.len,dentry->d_name.name,mode); inode = affs_new_inode(dir); diff --git a/fs/afs/dir.c b/fs/afs/dir.c index 1b0b19550015..e6ea58abde3b 100644 --- a/fs/afs/dir.c +++ b/fs/afs/dir.c @@ -30,7 +30,7 @@ static int afs_lookup_filldir(void *_cookie, const char *name, int nlen, loff_t fpos, u64 ino, unsigned dtype); static int afs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd); -static int afs_mkdir(struct inode *dir, struct dentry *dentry, int mode); +static int afs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); static int afs_rmdir(struct inode *dir, struct dentry *dentry); static int afs_unlink(struct inode *dir, struct dentry *dentry); static int afs_link(struct dentry *from, struct inode *dir, @@ -764,7 +764,7 @@ static void afs_d_release(struct dentry *dentry) /* * create a directory on an AFS filesystem */ -static int afs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int afs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct afs_file_status status; struct afs_callback cb; @@ -777,7 +777,7 @@ static int afs_mkdir(struct inode *dir, struct dentry *dentry, int mode) dvnode = AFS_FS_I(dir); - _enter("{%x:%u},{%s},%o", + _enter("{%x:%u},{%s},%ho", dvnode->fid.vid, dvnode->fid.vnode, dentry->d_name.name, mode); ret = -ENAMETOOLONG; diff --git a/fs/autofs4/root.c b/fs/autofs4/root.c index f55ae23b137e..75e5f1c8e028 100644 --- a/fs/autofs4/root.c +++ b/fs/autofs4/root.c @@ -26,7 +26,7 @@ static int autofs4_dir_symlink(struct inode *,struct dentry *,const char *); static int autofs4_dir_unlink(struct inode *,struct dentry *); static int autofs4_dir_rmdir(struct inode *,struct dentry *); -static int autofs4_dir_mkdir(struct inode *,struct dentry *,int); +static int autofs4_dir_mkdir(struct inode *,struct dentry *,umode_t); static long autofs4_root_ioctl(struct file *,unsigned int,unsigned long); #ifdef CONFIG_COMPAT static long autofs4_root_compat_ioctl(struct file *,unsigned int,unsigned long); @@ -699,7 +699,7 @@ static int autofs4_dir_rmdir(struct inode *dir, struct dentry *dentry) return 0; } -static int autofs4_dir_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int autofs4_dir_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct autofs_sb_info *sbi = autofs4_sbi(dir->i_sb); struct autofs_info *ino = autofs4_dentry_ino(dentry); diff --git a/fs/bad_inode.c b/fs/bad_inode.c index 9205cf25f1c6..5a2738c1f315 100644 --- a/fs/bad_inode.c +++ b/fs/bad_inode.c @@ -202,7 +202,7 @@ static int bad_inode_symlink (struct inode *dir, struct dentry *dentry, } static int bad_inode_mkdir(struct inode *dir, struct dentry *dentry, - int mode) + umode_t mode) { return -EIO; } diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index f8ff9738558a..e30de56e6b62 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -4792,7 +4792,7 @@ fail: return err; } -static int btrfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int btrfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode = NULL; struct btrfs_trans_handle *trans; diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 98954003a8d3..96141ae3d8be 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -753,7 +753,7 @@ static int ceph_symlink(struct inode *dir, struct dentry *dentry, return err; } -static int ceph_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int ceph_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); struct ceph_mds_client *mdsc = fsc->mdsc; @@ -767,7 +767,7 @@ static int ceph_mkdir(struct inode *dir, struct dentry *dentry, int mode) dout("mksnap dir %p snap '%.*s' dn %p\n", dir, dentry->d_name.len, dentry->d_name.name, dentry); } else if (ceph_snap(dir) == CEPH_NOSNAP) { - dout("mkdir dir %p dn %p mode 0%o\n", dir, dentry, mode); + dout("mkdir dir %p dn %p mode 0%ho\n", dir, dentry, mode); op = CEPH_MDS_OP_MKDIR; } else { goto out; diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 30ff56005d8f..add64454fd51 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -51,7 +51,7 @@ extern struct dentry *cifs_lookup(struct inode *, struct dentry *, extern int cifs_unlink(struct inode *dir, struct dentry *dentry); extern int cifs_hardlink(struct dentry *, struct inode *, struct dentry *); extern int cifs_mknod(struct inode *, struct dentry *, int, dev_t); -extern int cifs_mkdir(struct inode *, struct dentry *, int); +extern int cifs_mkdir(struct inode *, struct dentry *, umode_t); extern int cifs_rmdir(struct inode *, struct dentry *); extern int cifs_rename(struct inode *, struct dentry *, struct inode *, struct dentry *); diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c index e851d5b8931e..a5f54b7d9822 100644 --- a/fs/cifs/inode.c +++ b/fs/cifs/inode.c @@ -1264,7 +1264,7 @@ unlink_out: return rc; } -int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) +int cifs_mkdir(struct inode *inode, struct dentry *direntry, umode_t mode) { int rc = 0, tmprc; int xid; @@ -1275,7 +1275,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) struct inode *newinode = NULL; struct cifs_fattr fattr; - cFYI(1, "In cifs_mkdir, mode = 0x%x inode = 0x%p", mode, inode); + cFYI(1, "In cifs_mkdir, mode = 0x%hx inode = 0x%p", mode, inode); cifs_sb = CIFS_SB(inode->i_sb); tlink = cifs_sb_tlink(cifs_sb); diff --git a/fs/coda/dir.c b/fs/coda/dir.c index 28e7e135cfab..a74ae6fcfb7e 100644 --- a/fs/coda/dir.c +++ b/fs/coda/dir.c @@ -37,7 +37,7 @@ static int coda_link(struct dentry *old_dentry, struct inode *dir_inode, static int coda_unlink(struct inode *dir_inode, struct dentry *entry); static int coda_symlink(struct inode *dir_inode, struct dentry *entry, const char *symname); -static int coda_mkdir(struct inode *dir_inode, struct dentry *entry, int mode); +static int coda_mkdir(struct inode *dir_inode, struct dentry *entry, umode_t mode); static int coda_rmdir(struct inode *dir_inode, struct dentry *entry); static int coda_rename(struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry); @@ -223,7 +223,7 @@ err_out: return error; } -static int coda_mkdir(struct inode *dir, struct dentry *de, int mode) +static int coda_mkdir(struct inode *dir, struct dentry *de, umode_t mode) { struct inode *inode; struct coda_vattr attrs; diff --git a/fs/configfs/dir.c b/fs/configfs/dir.c index 1c5296911104..5ddd7ebd9dcd 100644 --- a/fs/configfs/dir.c +++ b/fs/configfs/dir.c @@ -1170,7 +1170,7 @@ void configfs_undepend_item(struct configfs_subsystem *subsys, } EXPORT_SYMBOL(configfs_undepend_item); -static int configfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int configfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int ret = 0; int module_got = 0; diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 32f90a3ae63e..ebf8726482b6 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -559,7 +559,7 @@ out_lock: return rc; } -static int ecryptfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int ecryptfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int rc; struct dentry *lower_dentry; diff --git a/fs/exofs/namei.c b/fs/exofs/namei.c index b54c43775f17..ff1c8286cd69 100644 --- a/fs/exofs/namei.c +++ b/fs/exofs/namei.c @@ -153,7 +153,7 @@ static int exofs_link(struct dentry *old_dentry, struct inode *dir, return exofs_add_nondir(dentry, inode); } -static int exofs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int exofs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; int err = -EMLINK; diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c index 761fde807fc9..e3f3672b2020 100644 --- a/fs/ext2/namei.c +++ b/fs/ext2/namei.c @@ -214,7 +214,7 @@ static int ext2_link (struct dentry * old_dentry, struct inode * dir, return err; } -static int ext2_mkdir(struct inode * dir, struct dentry * dentry, int mode) +static int ext2_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) { struct inode * inode; int err = -EMLINK; diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 642dc6d66dfd..08ecb53a33ea 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -1768,7 +1768,7 @@ retry: return err; } -static int ext3_mkdir(struct inode * dir, struct dentry * dentry, int mode) +static int ext3_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) { handle_t *handle; struct inode * inode; diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index aa4c782c9dd7..e506746724cf 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -1806,7 +1806,7 @@ retry: return err; } -static int ext4_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int ext4_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { handle_t *handle; struct inode *inode; diff --git a/fs/fat/namei_msdos.c b/fs/fat/namei_msdos.c index 216b419f30e2..d1f53cae897c 100644 --- a/fs/fat/namei_msdos.c +++ b/fs/fat/namei_msdos.c @@ -346,7 +346,7 @@ out: } /***** Make a directory */ -static int msdos_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int msdos_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct super_block *sb = dir->i_sb; struct fat_slot_info sinfo; diff --git a/fs/fat/namei_vfat.c b/fs/fat/namei_vfat.c index a87a65663c25..fde2eda6332e 100644 --- a/fs/fat/namei_vfat.c +++ b/fs/fat/namei_vfat.c @@ -870,7 +870,7 @@ out: return err; } -static int vfat_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int vfat_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct super_block *sb = dir->i_sb; struct inode *inode; diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 9f63e493a9b6..4848a1acb3bb 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -585,7 +585,7 @@ static int fuse_create(struct inode *dir, struct dentry *entry, int mode, return fuse_mknod(dir, entry, mode, 0); } -static int fuse_mkdir(struct inode *dir, struct dentry *entry, int mode) +static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode) { struct fuse_mkdir_in inarg; struct fuse_conn *fc = get_fuse_conn(dir); diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index cfd4959b218c..eecfc39c07e6 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -1129,7 +1129,7 @@ static int gfs2_symlink(struct inode *dir, struct dentry *dentry, * Returns: errno */ -static int gfs2_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int gfs2_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { return gfs2_create_inode(dir, dentry, S_IFDIR | mode, 0, NULL, 0, 0); } diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c index bce4eef91a06..06dc161e911c 100644 --- a/fs/hfs/dir.c +++ b/fs/hfs/dir.c @@ -216,7 +216,7 @@ static int hfs_create(struct inode *dir, struct dentry *dentry, int mode, * in a directory, given the inode for the parent directory and the * name (and its length) of the new directory. */ -static int hfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int hfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; int res; diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c index 4536cd3f15ae..ed321f0384d7 100644 --- a/fs/hfsplus/dir.c +++ b/fs/hfsplus/dir.c @@ -459,7 +459,7 @@ static int hfsplus_create(struct inode *dir, struct dentry *dentry, int mode, return hfsplus_mknod(dir, dentry, mode, 0); } -static int hfsplus_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int hfsplus_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { return hfsplus_mknod(dir, dentry, mode | S_IFDIR, 0); } diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 343ea632b97c..d35240fbbd73 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -676,7 +676,7 @@ int hostfs_symlink(struct inode *ino, struct dentry *dentry, const char *to) return err; } -int hostfs_mkdir(struct inode *ino, struct dentry *dentry, int mode) +int hostfs_mkdir(struct inode *ino, struct dentry *dentry, umode_t mode) { char *file; int err; diff --git a/fs/hpfs/namei.c b/fs/hpfs/namei.c index ea91fcb0ef9b..a2f89f2b9503 100644 --- a/fs/hpfs/namei.c +++ b/fs/hpfs/namei.c @@ -8,7 +8,7 @@ #include #include "hpfs_fn.h" -static int hpfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int hpfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { const unsigned char *name = dentry->d_name.name; unsigned len = dentry->d_name.len; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index 9c4ec538725b..ba269706e798 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -523,7 +523,7 @@ static int hugetlbfs_mknod(struct inode *dir, return error; } -static int hugetlbfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int hugetlbfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int retval = hugetlbfs_mknod(dir, dentry, mode | S_IFDIR, 0); if (!retval) diff --git a/fs/jffs2/dir.c b/fs/jffs2/dir.c index be6169bd8acd..5dc458f19bc9 100644 --- a/fs/jffs2/dir.c +++ b/fs/jffs2/dir.c @@ -29,7 +29,7 @@ static struct dentry *jffs2_lookup (struct inode *,struct dentry *, static int jffs2_link (struct dentry *,struct inode *,struct dentry *); static int jffs2_unlink (struct inode *,struct dentry *); static int jffs2_symlink (struct inode *,struct dentry *,const char *); -static int jffs2_mkdir (struct inode *,struct dentry *,int); +static int jffs2_mkdir (struct inode *,struct dentry *,umode_t); static int jffs2_rmdir (struct inode *,struct dentry *); static int jffs2_mknod (struct inode *,struct dentry *,int,dev_t); static int jffs2_rename (struct inode *, struct dentry *, @@ -450,7 +450,7 @@ static int jffs2_symlink (struct inode *dir_i, struct dentry *dentry, const char } -static int jffs2_mkdir (struct inode *dir_i, struct dentry *dentry, int mode) +static int jffs2_mkdir (struct inode *dir_i, struct dentry *dentry, umode_t mode) { struct jffs2_inode_info *f, *dir_f; struct jffs2_sb_info *c; diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c index a112ad96e474..17ea85835715 100644 --- a/fs/jfs/namei.c +++ b/fs/jfs/namei.c @@ -205,7 +205,7 @@ static int jfs_create(struct inode *dip, struct dentry *dentry, int mode, * note: * EACCESS: user needs search+write permission on the parent directory */ -static int jfs_mkdir(struct inode *dip, struct dentry *dentry, int mode) +static int jfs_mkdir(struct inode *dip, struct dentry *dentry, umode_t mode) { int rc = 0; tid_t tid; /* transaction id */ diff --git a/fs/logfs/dir.c b/fs/logfs/dir.c index b7d7f67cee5a..25c5cbf8c123 100644 --- a/fs/logfs/dir.c +++ b/fs/logfs/dir.c @@ -482,7 +482,7 @@ out: return ret; } -static int logfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int logfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; diff --git a/fs/minix/namei.c b/fs/minix/namei.c index 6e6777f1b4b2..0e7a1a22e554 100644 --- a/fs/minix/namei.c +++ b/fs/minix/namei.c @@ -103,7 +103,7 @@ static int minix_link(struct dentry * old_dentry, struct inode * dir, return add_nondir(dentry, inode); } -static int minix_mkdir(struct inode * dir, struct dentry *dentry, int mode) +static int minix_mkdir(struct inode * dir, struct dentry *dentry, umode_t mode) { struct inode * inode; int err = -EMLINK; diff --git a/fs/namei.c b/fs/namei.c index f6b3c73e862c..443c703249b3 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2541,7 +2541,7 @@ SYSCALL_DEFINE3(mknod, const char __user *, filename, umode_t, mode, unsigned, d return sys_mknodat(AT_FDCWD, filename, mode, dev); } -int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +int vfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int error = may_create(dir, dentry); diff --git a/fs/ncpfs/dir.c b/fs/ncpfs/dir.c index 9c51f621e901..dfb51f084407 100644 --- a/fs/ncpfs/dir.c +++ b/fs/ncpfs/dir.c @@ -33,7 +33,7 @@ static int ncp_readdir(struct file *, void *, filldir_t); static int ncp_create(struct inode *, struct dentry *, int, struct nameidata *); static struct dentry *ncp_lookup(struct inode *, struct dentry *, struct nameidata *); static int ncp_unlink(struct inode *, struct dentry *); -static int ncp_mkdir(struct inode *, struct dentry *, int); +static int ncp_mkdir(struct inode *, struct dentry *, umode_t); static int ncp_rmdir(struct inode *, struct dentry *); static int ncp_rename(struct inode *, struct dentry *, struct inode *, struct dentry *); @@ -985,7 +985,7 @@ static int ncp_create(struct inode *dir, struct dentry *dentry, int mode, return ncp_create_new(dir, dentry, mode, 0, 0); } -static int ncp_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int ncp_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct ncp_entry_info finfo; struct ncp_server *server = NCP_SERVER(dir); diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 23be134b3193..5d67d92a4248 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -48,7 +48,7 @@ static int nfs_closedir(struct inode *, struct file *); static int nfs_readdir(struct file *, void *, filldir_t); static struct dentry *nfs_lookup(struct inode *, struct dentry *, struct nameidata *); static int nfs_create(struct inode *, struct dentry *, int, struct nameidata *); -static int nfs_mkdir(struct inode *, struct dentry *, int); +static int nfs_mkdir(struct inode *, struct dentry *, umode_t); static int nfs_rmdir(struct inode *, struct dentry *); static int nfs_unlink(struct inode *, struct dentry *); static int nfs_symlink(struct inode *, struct dentry *, const char *); @@ -1719,7 +1719,7 @@ out_err: /* * See comments for nfs_proc_create regarding failed operations. */ -static int nfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int nfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct iattr attr; int error; diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c index 768982de10e4..e5e7311f1b92 100644 --- a/fs/nilfs2/namei.c +++ b/fs/nilfs2/namei.c @@ -213,7 +213,7 @@ static int nilfs_link(struct dentry *old_dentry, struct inode *dir, return err; } -static int nilfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int nilfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; struct nilfs_transaction_info ti; diff --git a/fs/ocfs2/dlmfs/dlmfs.c b/fs/ocfs2/dlmfs/dlmfs.c index a9f007de1da8..77c8d8069461 100644 --- a/fs/ocfs2/dlmfs/dlmfs.c +++ b/fs/ocfs2/dlmfs/dlmfs.c @@ -488,7 +488,7 @@ static struct inode *dlmfs_get_inode(struct inode *parent, /* SMP-safe */ static int dlmfs_mkdir(struct inode * dir, struct dentry * dentry, - int mode) + umode_t mode) { int status; struct inode *inode = NULL; diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index a8b2bfea574e..c779f8bfc8a6 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c @@ -602,7 +602,7 @@ static int ocfs2_mknod_locked(struct ocfs2_super *osb, static int ocfs2_mkdir(struct inode *dir, struct dentry *dentry, - int mode) + umode_t mode) { int ret; diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index 98e544274390..667dc7ff28c0 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -279,7 +279,7 @@ out_free_inode: return err; } -static int omfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int omfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { return omfs_add_node(dir, dentry, mode | S_IFDIR); } diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index 462ceb38fec6..61972bee0561 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -106,7 +106,7 @@ ramfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) return error; } -static int ramfs_mkdir(struct inode * dir, struct dentry * dentry, int mode) +static int ramfs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) { int retval = ramfs_mknod(dir, dentry, mode | S_IFDIR, 0); if (!retval) diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index 80058e8ce361..763239a7e8dd 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c @@ -721,7 +721,7 @@ static int reiserfs_mknod(struct inode *dir, struct dentry *dentry, int mode, return retval; } -static int reiserfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int reiserfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int retval; struct inode *inode; diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 6bc346c160e7..c24deda8a8bc 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -66,7 +66,7 @@ static int xattr_create(struct inode *dir, struct dentry *dentry, int mode) } #endif -static int xattr_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int xattr_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { BUG_ON(!mutex_is_locked(&dir->i_mutex)); return dir->i_op->mkdir(dir, dentry, mode); diff --git a/fs/sysv/namei.c b/fs/sysv/namei.c index e474fbcf8bde..3368425a4ce2 100644 --- a/fs/sysv/namei.c +++ b/fs/sysv/namei.c @@ -131,7 +131,7 @@ static int sysv_link(struct dentry * old_dentry, struct inode * dir, return add_nondir(dentry, inode); } -static int sysv_mkdir(struct inode * dir, struct dentry *dentry, int mode) +static int sysv_mkdir(struct inode * dir, struct dentry *dentry, umode_t mode) { struct inode * inode; int err = -EMLINK; diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 683492043317..f5102f368160 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -712,7 +712,7 @@ out_cancel: return err; } -static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; struct ubifs_inode *dir_ui = ubifs_inode(dir); @@ -725,7 +725,7 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, int mode) * directory inode. */ - dbg_gen("dent '%.*s', mode %#x in dir ino %lu", + dbg_gen("dent '%.*s', mode %#hx in dir ino %lu", dentry->d_name.len, dentry->d_name.name, mode, dir->i_ino); err = ubifs_budget_space(c, &req); diff --git a/fs/udf/namei.c b/fs/udf/namei.c index 4639e137222f..7f8ee32842be 100644 --- a/fs/udf/namei.c +++ b/fs/udf/namei.c @@ -640,7 +640,7 @@ out: return err; } -static int udf_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int udf_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct inode *inode; struct udf_fileident_bh fibh; diff --git a/fs/ufs/namei.c b/fs/ufs/namei.c index 639d49162241..fa743aaa327c 100644 --- a/fs/ufs/namei.c +++ b/fs/ufs/namei.c @@ -180,7 +180,7 @@ static int ufs_link (struct dentry * old_dentry, struct inode * dir, return error; } -static int ufs_mkdir(struct inode * dir, struct dentry * dentry, int mode) +static int ufs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) { struct inode * inode; int err = -EMLINK; diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 23ce927973a4..99b324d43c98 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -241,7 +241,7 @@ STATIC int xfs_vn_mkdir( struct inode *dir, struct dentry *dentry, - int mode) + umode_t mode) { return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); } diff --git a/include/linux/fs.h b/include/linux/fs.h index cec429d76ab0..3f7bd8b12e37 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1517,7 +1517,7 @@ extern void unlock_super(struct super_block *); * VFS helper functions.. */ extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *); -extern int vfs_mkdir(struct inode *, struct dentry *, int); +extern int vfs_mkdir(struct inode *, struct dentry *, umode_t); extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t); extern int vfs_symlink(struct inode *, struct dentry *, const char *); extern int vfs_link(struct dentry *, struct inode *, struct dentry *); @@ -1623,7 +1623,7 @@ struct inode_operations { int (*link) (struct dentry *,struct inode *,struct dentry *); int (*unlink) (struct inode *,struct dentry *); int (*symlink) (struct inode *,struct dentry *,const char *); - int (*mkdir) (struct inode *,struct dentry *,int); + int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); int (*mknod) (struct inode *,struct dentry *,int,dev_t); int (*rename) (struct inode *, struct dentry *, diff --git a/include/linux/security.h b/include/linux/security.h index e8c619d39291..16cbc58cb13b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1453,7 +1453,7 @@ struct security_operations { int (*inode_unlink) (struct inode *dir, struct dentry *dentry); int (*inode_symlink) (struct inode *dir, struct dentry *dentry, const char *old_name); - int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); + int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, umode_t mode); int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); int (*inode_mknod) (struct inode *dir, struct dentry *dentry, int mode, dev_t dev); @@ -1722,7 +1722,7 @@ int security_inode_link(struct dentry *old_dentry, struct inode *dir, int security_inode_unlink(struct inode *dir, struct dentry *dentry); int security_inode_symlink(struct inode *dir, struct dentry *dentry, const char *old_name); -int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode); +int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); int security_inode_rmdir(struct inode *dir, struct dentry *dentry); int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, diff --git a/kernel/cgroup.c b/kernel/cgroup.c index a184470cf9b5..b37a0ea55114 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -760,7 +760,7 @@ EXPORT_SYMBOL_GPL(cgroup_unlock); * -> cgroup_mkdir. */ -static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, int mode); +static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); static struct dentry *cgroup_lookup(struct inode *, struct dentry *, struct nameidata *); static int cgroup_rmdir(struct inode *unused_dir, struct dentry *dentry); static int cgroup_populate_dir(struct cgroup *cgrp); @@ -3846,7 +3846,7 @@ static long cgroup_create(struct cgroup *parent, struct dentry *dentry, return err; } -static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { struct cgroup *c_parent = dentry->d_parent->d_fsdata; diff --git a/mm/shmem.c b/mm/shmem.c index c58594c06569..b8a8ddf069d0 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1489,7 +1489,7 @@ shmem_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) return error; } -static int shmem_mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int shmem_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int error; diff --git a/security/capability.c b/security/capability.c index 2984ea4f776f..ddd17892826a 100644 --- a/security/capability.c +++ b/security/capability.c @@ -148,7 +148,7 @@ static int cap_inode_symlink(struct inode *inode, struct dentry *dentry, } static int cap_inode_mkdir(struct inode *inode, struct dentry *dentry, - int mask) + umode_t mask) { return 0; } diff --git a/security/security.c b/security/security.c index e2f684aeb70c..be49eb5768bc 100644 --- a/security/security.c +++ b/security/security.c @@ -506,7 +506,7 @@ int security_inode_symlink(struct inode *dir, struct dentry *dentry, return security_ops->inode_symlink(dir, dentry, old_name); } -int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode) +int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { if (unlikely(IS_PRIVATE(dir))) return 0; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1126c10a5e82..ad74ad24ce2a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2618,7 +2618,7 @@ static int selinux_inode_symlink(struct inode *dir, struct dentry *dentry, const return may_create(dir, dentry, SECCLASS_LNK_FILE); } -static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, int mask) +static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) { return may_create(dir, dentry, SECCLASS_DIR); } -- cgit v1.2.3-70-g09d2 From 4acdaf27ebe2034c342f3be57ef49aed1ad885ef Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 26 Jul 2011 01:42:34 -0400 Subject: switch ->create() to umode_t vfs_create() ignores everything outside of 16bit subset of its mode argument; switching it to umode_t is obviously equivalent and it's the only caller of the method Signed-off-by: Al Viro --- Documentation/filesystems/Locking | 2 +- Documentation/filesystems/vfs.txt | 2 +- drivers/staging/pohmelfs/dir.c | 2 +- fs/9p/vfs_inode.c | 2 +- fs/9p/vfs_inode_dotl.c | 4 ++-- fs/affs/affs.h | 2 +- fs/affs/namei.c | 4 ++-- fs/afs/dir.c | 6 +++--- fs/bad_inode.c | 2 +- fs/bfs/dir.c | 2 +- fs/btrfs/inode.c | 2 +- fs/ceph/dir.c | 2 +- fs/cifs/cifsfs.h | 2 +- fs/cifs/dir.c | 2 +- fs/coda/dir.c | 4 ++-- fs/ecryptfs/inode.c | 2 +- fs/exofs/namei.c | 2 +- fs/ext2/namei.c | 2 +- fs/ext3/namei.c | 2 +- fs/ext4/namei.c | 2 +- fs/fat/namei_msdos.c | 2 +- fs/fat/namei_vfat.c | 2 +- fs/fuse/dir.c | 2 +- fs/gfs2/inode.c | 2 +- fs/hfs/dir.c | 2 +- fs/hfsplus/dir.c | 2 +- fs/hostfs/hostfs_kern.c | 2 +- fs/hpfs/namei.c | 2 +- fs/hugetlbfs/inode.c | 2 +- fs/jffs2/dir.c | 6 +++--- fs/jfs/namei.c | 2 +- fs/logfs/dir.c | 2 +- fs/minix/namei.c | 2 +- fs/namei.c | 2 +- fs/ncpfs/dir.c | 4 ++-- fs/nfs/dir.c | 12 ++++++------ fs/nilfs2/namei.c | 2 +- fs/ocfs2/dlmfs/dlmfs.c | 2 +- fs/ocfs2/namei.c | 2 +- fs/omfs/dir.c | 2 +- fs/ramfs/inode.c | 2 +- fs/reiserfs/namei.c | 2 +- fs/sysv/namei.c | 2 +- fs/ubifs/dir.c | 4 ++-- fs/udf/namei.c | 2 +- fs/ufs/namei.c | 2 +- fs/xfs/xfs_iops.c | 2 +- include/linux/fs.h | 4 ++-- include/linux/security.h | 6 +++--- ipc/mqueue.c | 4 ++-- mm/shmem.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/selinux/hooks.c | 2 +- 54 files changed, 72 insertions(+), 72 deletions(-) (limited to 'include/linux/security.h') diff --git a/Documentation/filesystems/Locking b/Documentation/filesystems/Locking index 6c7676d9c0ea..38d00c8898b9 100644 --- a/Documentation/filesystems/Locking +++ b/Documentation/filesystems/Locking @@ -37,7 +37,7 @@ d_manage: no no yes (ref-walk) maybe --------------------------- inode_operations --------------------------- prototypes: - int (*create) (struct inode *,struct dentry *,int, struct nameidata *); + int (*create) (struct inode *,struct dentry *,umode_t, struct nameidata *); struct dentry * (*lookup) (struct inode *,struct dentry *, struct nameid ata *); int (*link) (struct dentry *,struct inode *,struct dentry *); diff --git a/Documentation/filesystems/vfs.txt b/Documentation/filesystems/vfs.txt index 0c147c79cdd8..e7b900bc6285 100644 --- a/Documentation/filesystems/vfs.txt +++ b/Documentation/filesystems/vfs.txt @@ -341,7 +341,7 @@ This describes how the VFS can manipulate an inode in your filesystem. As of kernel 2.6.22, the following members are defined: struct inode_operations { - int (*create) (struct inode *,struct dentry *,int, struct nameidata *); + int (*create) (struct inode *,struct dentry *, umode_t, struct nameidata *); struct dentry * (*lookup) (struct inode *,struct dentry *, struct nameidata *); int (*link) (struct dentry *,struct inode *,struct dentry *); int (*unlink) (struct inode *,struct dentry *); diff --git a/drivers/staging/pohmelfs/dir.c b/drivers/staging/pohmelfs/dir.c index d3ad4dde991f..c33e959b6efe 100644 --- a/drivers/staging/pohmelfs/dir.c +++ b/drivers/staging/pohmelfs/dir.c @@ -661,7 +661,7 @@ static int pohmelfs_create_entry(struct inode *dir, struct dentry *dentry, u64 s /* * VFS create and mkdir callbacks. */ -static int pohmelfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int pohmelfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return pohmelfs_create_entry(dir, dentry, 0, mode); diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c index 3e54900f3b7e..15cd5cef4485 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c @@ -702,7 +702,7 @@ error: */ static int -v9fs_vfs_create(struct inode *dir, struct dentry *dentry, int mode, +v9fs_vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { int err; diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c index 87e46b19b21b..c4731381f0c5 100644 --- a/fs/9p/vfs_inode_dotl.c +++ b/fs/9p/vfs_inode_dotl.c @@ -253,7 +253,7 @@ int v9fs_open_to_dotl_flags(int flags) */ static int -v9fs_vfs_create_dotl(struct inode *dir, struct dentry *dentry, int omode, +v9fs_vfs_create_dotl(struct inode *dir, struct dentry *dentry, umode_t omode, struct nameidata *nd) { int err = 0; @@ -284,7 +284,7 @@ v9fs_vfs_create_dotl(struct inode *dir, struct dentry *dentry, int omode, name = (char *) dentry->d_name.name; P9_DPRINTK(P9_DEBUG_VFS, "v9fs_vfs_create_dotl: name:%s flags:0x%x " - "mode:0x%x\n", name, flags, omode); + "mode:0x%hx\n", name, flags, omode); dfid = v9fs_fid_lookup(dentry->d_parent); if (IS_ERR(dfid)) { diff --git a/fs/affs/affs.h b/fs/affs/affs.h index 8abcad7c935f..9cad9b4a9af7 100644 --- a/fs/affs/affs.h +++ b/fs/affs/affs.h @@ -156,7 +156,7 @@ extern void affs_free_bitmap(struct super_block *sb); extern int affs_hash_name(struct super_block *sb, const u8 *name, unsigned int len); extern struct dentry *affs_lookup(struct inode *dir, struct dentry *dentry, struct nameidata *); extern int affs_unlink(struct inode *dir, struct dentry *dentry); -extern int affs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *); +extern int affs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *); extern int affs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); extern int affs_rmdir(struct inode *dir, struct dentry *dentry); extern int affs_link(struct dentry *olddentry, struct inode *dir, diff --git a/fs/affs/namei.c b/fs/affs/namei.c index 7bb7660f805d..47806940aac0 100644 --- a/fs/affs/namei.c +++ b/fs/affs/namei.c @@ -255,13 +255,13 @@ affs_unlink(struct inode *dir, struct dentry *dentry) } int -affs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd) +affs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct super_block *sb = dir->i_sb; struct inode *inode; int error; - pr_debug("AFFS: create(%lu,\"%.*s\",0%o)\n",dir->i_ino,(int)dentry->d_name.len, + pr_debug("AFFS: create(%lu,\"%.*s\",0%ho)\n",dir->i_ino,(int)dentry->d_name.len, dentry->d_name.name,mode); inode = affs_new_inode(dir); diff --git a/fs/afs/dir.c b/fs/afs/dir.c index e6ea58abde3b..e22dc4b4a503 100644 --- a/fs/afs/dir.c +++ b/fs/afs/dir.c @@ -28,7 +28,7 @@ static int afs_d_delete(const struct dentry *dentry); static void afs_d_release(struct dentry *dentry); static int afs_lookup_filldir(void *_cookie, const char *name, int nlen, loff_t fpos, u64 ino, unsigned dtype); -static int afs_create(struct inode *dir, struct dentry *dentry, int mode, +static int afs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd); static int afs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); static int afs_rmdir(struct inode *dir, struct dentry *dentry); @@ -948,7 +948,7 @@ error: /* * create a regular file on an AFS filesystem */ -static int afs_create(struct inode *dir, struct dentry *dentry, int mode, +static int afs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct afs_file_status status; @@ -962,7 +962,7 @@ static int afs_create(struct inode *dir, struct dentry *dentry, int mode, dvnode = AFS_FS_I(dir); - _enter("{%x:%u},{%s},%o,", + _enter("{%x:%u},{%s},%ho,", dvnode->fid.vid, dvnode->fid.vnode, dentry->d_name.name, mode); ret = -ENAMETOOLONG; diff --git a/fs/bad_inode.c b/fs/bad_inode.c index 5a2738c1f315..8087fbc35f43 100644 --- a/fs/bad_inode.c +++ b/fs/bad_inode.c @@ -173,7 +173,7 @@ static const struct file_operations bad_file_ops = }; static int bad_inode_create (struct inode *dir, struct dentry *dentry, - int mode, struct nameidata *nd) + umode_t mode, struct nameidata *nd) { return -EIO; } diff --git a/fs/bfs/dir.c b/fs/bfs/dir.c index 9cc074019479..d12c7966db27 100644 --- a/fs/bfs/dir.c +++ b/fs/bfs/dir.c @@ -84,7 +84,7 @@ const struct file_operations bfs_dir_operations = { extern void dump_imap(const char *, struct super_block *); -static int bfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int bfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { int err; diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index e30de56e6b62..19630aacb320 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -4665,7 +4665,7 @@ out_unlock: } static int btrfs_create(struct inode *dir, struct dentry *dentry, - int mode, struct nameidata *nd) + umode_t mode, struct nameidata *nd) { struct btrfs_trans_handle *trans; struct btrfs_root *root = BTRFS_I(dir)->root; diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 96141ae3d8be..9848d686591c 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -699,7 +699,7 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry, return err; } -static int ceph_create(struct inode *dir, struct dentry *dentry, int mode, +static int ceph_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { dout("create in dir %p dentry %p name '%.*s'\n", diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index add64454fd51..358724df558b 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -44,7 +44,7 @@ extern const struct address_space_operations cifs_addr_ops_smallbuf; /* Functions related to inodes */ extern const struct inode_operations cifs_dir_inode_ops; extern struct inode *cifs_root_iget(struct super_block *); -extern int cifs_create(struct inode *, struct dentry *, int, +extern int cifs_create(struct inode *, struct dentry *, umode_t, struct nameidata *); extern struct dentry *cifs_lookup(struct inode *, struct dentry *, struct nameidata *); diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index d7eeb9d3ed6f..2dc8be86be09 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -136,7 +136,7 @@ cifs_bp_rename_retry: /* Inode operations in similar order to how they appear in Linux file fs.h */ int -cifs_create(struct inode *inode, struct dentry *direntry, int mode, +cifs_create(struct inode *inode, struct dentry *direntry, umode_t mode, struct nameidata *nd) { int rc = -ENOENT; diff --git a/fs/coda/dir.c b/fs/coda/dir.c index a74ae6fcfb7e..83d2fd8ec24b 100644 --- a/fs/coda/dir.c +++ b/fs/coda/dir.c @@ -30,7 +30,7 @@ #include "coda_int.h" /* dir inode-ops */ -static int coda_create(struct inode *dir, struct dentry *new, int mode, struct nameidata *nd); +static int coda_create(struct inode *dir, struct dentry *new, umode_t mode, struct nameidata *nd); static struct dentry *coda_lookup(struct inode *dir, struct dentry *target, struct nameidata *nd); static int coda_link(struct dentry *old_dentry, struct inode *dir_inode, struct dentry *entry); @@ -191,7 +191,7 @@ static inline void coda_dir_drop_nlink(struct inode *dir) } /* creation routines: create, mknod, mkdir, link, symlink */ -static int coda_create(struct inode *dir, struct dentry *de, int mode, struct nameidata *nd) +static int coda_create(struct inode *dir, struct dentry *de, umode_t mode, struct nameidata *nd) { int error; const char *name=de->d_name.name; diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index ebf8726482b6..81e6542ab20f 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -267,7 +267,7 @@ out: */ static int ecryptfs_create(struct inode *directory_inode, struct dentry *ecryptfs_dentry, - int mode, struct nameidata *nd) + umode_t mode, struct nameidata *nd) { struct inode *ecryptfs_inode; int rc; diff --git a/fs/exofs/namei.c b/fs/exofs/namei.c index ff1c8286cd69..58644544849d 100644 --- a/fs/exofs/namei.c +++ b/fs/exofs/namei.c @@ -59,7 +59,7 @@ static struct dentry *exofs_lookup(struct inode *dir, struct dentry *dentry, return d_splice_alias(inode, dentry); } -static int exofs_create(struct inode *dir, struct dentry *dentry, int mode, +static int exofs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode = exofs_new_inode(dir, mode); diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c index e3f3672b2020..cb759e661b15 100644 --- a/fs/ext2/namei.c +++ b/fs/ext2/namei.c @@ -94,7 +94,7 @@ struct dentry *ext2_get_parent(struct dentry *child) * If the create succeeds, we fill in the inode information * with d_instantiate(). */ -static int ext2_create (struct inode * dir, struct dentry * dentry, int mode, struct nameidata *nd) +static int ext2_create (struct inode * dir, struct dentry * dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 08ecb53a33ea..6047d121f537 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -1698,7 +1698,7 @@ static int ext3_add_nondir(handle_t *handle, * If the create succeeds, we fill in the inode information * with d_instantiate(). */ -static int ext3_create (struct inode * dir, struct dentry * dentry, int mode, +static int ext3_create (struct inode * dir, struct dentry * dentry, umode_t mode, struct nameidata *nd) { handle_t *handle; diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index e506746724cf..77306f36a610 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -1736,7 +1736,7 @@ static int ext4_add_nondir(handle_t *handle, * If the create succeeds, we fill in the inode information * with d_instantiate(). */ -static int ext4_create(struct inode *dir, struct dentry *dentry, int mode, +static int ext4_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { handle_t *handle; diff --git a/fs/fat/namei_msdos.c b/fs/fat/namei_msdos.c index d1f53cae897c..c5938c9084b9 100644 --- a/fs/fat/namei_msdos.c +++ b/fs/fat/namei_msdos.c @@ -264,7 +264,7 @@ static int msdos_add_entry(struct inode *dir, const unsigned char *name, } /***** Create a file */ -static int msdos_create(struct inode *dir, struct dentry *dentry, int mode, +static int msdos_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct super_block *sb = dir->i_sb; diff --git a/fs/fat/namei_vfat.c b/fs/fat/namei_vfat.c index fde2eda6332e..3a444b4e2368 100644 --- a/fs/fat/namei_vfat.c +++ b/fs/fat/namei_vfat.c @@ -781,7 +781,7 @@ error: return ERR_PTR(err); } -static int vfat_create(struct inode *dir, struct dentry *dentry, int mode, +static int vfat_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct super_block *sb = dir->i_sb; diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 4848a1acb3bb..603bb8a9b8ca 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -573,7 +573,7 @@ static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode, return create_new_entry(fc, req, dir, entry, mode); } -static int fuse_create(struct inode *dir, struct dentry *entry, int mode, +static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode, struct nameidata *nd) { if (nd) { diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index eecfc39c07e6..aadf792be750 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -760,7 +760,7 @@ fail: */ static int gfs2_create(struct inode *dir, struct dentry *dentry, - int mode, struct nameidata *nd) + umode_t mode, struct nameidata *nd) { int excl = 0; if (nd && (nd->flags & LOOKUP_EXCL)) diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c index 06dc161e911c..62fc14ea4b73 100644 --- a/fs/hfs/dir.c +++ b/fs/hfs/dir.c @@ -186,7 +186,7 @@ static int hfs_dir_release(struct inode *inode, struct file *file) * a directory and return a corresponding inode, given the inode for * the directory and the name (and its length) of the new file. */ -static int hfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int hfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c index ed321f0384d7..ef6547ca4214 100644 --- a/fs/hfsplus/dir.c +++ b/fs/hfsplus/dir.c @@ -453,7 +453,7 @@ out: return res; } -static int hfsplus_create(struct inode *dir, struct dentry *dentry, int mode, +static int hfsplus_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return hfsplus_mknod(dir, dentry, mode, 0); diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index d35240fbbd73..3a3a530f5bad 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -551,7 +551,7 @@ static int read_name(struct inode *ino, char *name) return 0; } -int hostfs_create(struct inode *dir, struct dentry *dentry, int mode, +int hostfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/hpfs/namei.c b/fs/hpfs/namei.c index a2f89f2b9503..769f76c7303a 100644 --- a/fs/hpfs/namei.c +++ b/fs/hpfs/namei.c @@ -115,7 +115,7 @@ bail: return err; } -static int hpfs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd) +static int hpfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { const unsigned char *name = dentry->d_name.name; unsigned len = dentry->d_name.len; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index ba269706e798..57996c3d8d0c 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -531,7 +531,7 @@ static int hugetlbfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mod return retval; } -static int hugetlbfs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd) +static int hugetlbfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return hugetlbfs_mknod(dir, dentry, mode | S_IFREG, 0); } diff --git a/fs/jffs2/dir.c b/fs/jffs2/dir.c index 5dc458f19bc9..16a75e9a038d 100644 --- a/fs/jffs2/dir.c +++ b/fs/jffs2/dir.c @@ -22,7 +22,7 @@ static int jffs2_readdir (struct file *, void *, filldir_t); -static int jffs2_create (struct inode *,struct dentry *,int, +static int jffs2_create (struct inode *,struct dentry *,umode_t, struct nameidata *); static struct dentry *jffs2_lookup (struct inode *,struct dentry *, struct nameidata *); @@ -169,8 +169,8 @@ static int jffs2_readdir(struct file *filp, void *dirent, filldir_t filldir) /***********************************************************************/ -static int jffs2_create(struct inode *dir_i, struct dentry *dentry, int mode, - struct nameidata *nd) +static int jffs2_create(struct inode *dir_i, struct dentry *dentry, + umode_t mode, struct nameidata *nd) { struct jffs2_raw_inode *ri; struct jffs2_inode_info *f, *dir_f; diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c index 17ea85835715..6c0b1ab8107d 100644 --- a/fs/jfs/namei.c +++ b/fs/jfs/namei.c @@ -72,7 +72,7 @@ static inline void free_ea_wmap(struct inode *inode) * RETURN: Errors from subroutines * */ -static int jfs_create(struct inode *dip, struct dentry *dentry, int mode, +static int jfs_create(struct inode *dip, struct dentry *dentry, umode_t mode, struct nameidata *nd) { int rc = 0; diff --git a/fs/logfs/dir.c b/fs/logfs/dir.c index 25c5cbf8c123..a74aa461d53c 100644 --- a/fs/logfs/dir.c +++ b/fs/logfs/dir.c @@ -501,7 +501,7 @@ static int logfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) return __logfs_create(dir, dentry, inode, NULL, 0); } -static int logfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int logfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/minix/namei.c b/fs/minix/namei.c index 0e7a1a22e554..c652650bf5a3 100644 --- a/fs/minix/namei.c +++ b/fs/minix/namei.c @@ -54,7 +54,7 @@ static int minix_mknod(struct inode * dir, struct dentry *dentry, int mode, dev_ return error; } -static int minix_create(struct inode * dir, struct dentry *dentry, int mode, +static int minix_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return minix_mknod(dir, dentry, mode, 0); diff --git a/fs/namei.c b/fs/namei.c index 443c703249b3..05d1c2ceb131 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1976,7 +1976,7 @@ void unlock_rename(struct dentry *p1, struct dentry *p2) } } -int vfs_create(struct inode *dir, struct dentry *dentry, int mode, +int vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { int error = may_create(dir, dentry); diff --git a/fs/ncpfs/dir.c b/fs/ncpfs/dir.c index dfb51f084407..98d1b8c6fd8c 100644 --- a/fs/ncpfs/dir.c +++ b/fs/ncpfs/dir.c @@ -30,7 +30,7 @@ static void ncp_do_readdir(struct file *, void *, filldir_t, static int ncp_readdir(struct file *, void *, filldir_t); -static int ncp_create(struct inode *, struct dentry *, int, struct nameidata *); +static int ncp_create(struct inode *, struct dentry *, umode_t, struct nameidata *); static struct dentry *ncp_lookup(struct inode *, struct dentry *, struct nameidata *); static int ncp_unlink(struct inode *, struct dentry *); static int ncp_mkdir(struct inode *, struct dentry *, umode_t); @@ -979,7 +979,7 @@ out: return error; } -static int ncp_create(struct inode *dir, struct dentry *dentry, int mode, +static int ncp_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return ncp_create_new(dir, dentry, mode, 0, 0); diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 5d67d92a4248..7cdee1d4160f 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -47,7 +47,7 @@ static int nfs_opendir(struct inode *, struct file *); static int nfs_closedir(struct inode *, struct file *); static int nfs_readdir(struct file *, void *, filldir_t); static struct dentry *nfs_lookup(struct inode *, struct dentry *, struct nameidata *); -static int nfs_create(struct inode *, struct dentry *, int, struct nameidata *); +static int nfs_create(struct inode *, struct dentry *, umode_t, struct nameidata *); static int nfs_mkdir(struct inode *, struct dentry *, umode_t); static int nfs_rmdir(struct inode *, struct dentry *); static int nfs_unlink(struct inode *, struct dentry *); @@ -112,7 +112,7 @@ const struct inode_operations nfs3_dir_inode_operations = { #ifdef CONFIG_NFS_V4 static struct dentry *nfs_atomic_lookup(struct inode *, struct dentry *, struct nameidata *); -static int nfs_open_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd); +static int nfs_open_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd); const struct inode_operations nfs4_dir_inode_operations = { .create = nfs_open_create, .lookup = nfs_atomic_lookup, @@ -1573,8 +1573,8 @@ no_open: return nfs_lookup_revalidate(dentry, nd); } -static int nfs_open_create(struct inode *dir, struct dentry *dentry, int mode, - struct nameidata *nd) +static int nfs_open_create(struct inode *dir, struct dentry *dentry, + umode_t mode, struct nameidata *nd) { struct nfs_open_context *ctx = NULL; struct iattr attr; @@ -1664,8 +1664,8 @@ out_error: * that the operation succeeded on the server, but an error in the * reply path made it appear to have failed. */ -static int nfs_create(struct inode *dir, struct dentry *dentry, int mode, - struct nameidata *nd) +static int nfs_create(struct inode *dir, struct dentry *dentry, + umode_t mode, struct nameidata *nd) { struct iattr attr; int error; diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c index e5e7311f1b92..fcd86c38f968 100644 --- a/fs/nilfs2/namei.c +++ b/fs/nilfs2/namei.c @@ -84,7 +84,7 @@ nilfs_lookup(struct inode *dir, struct dentry *dentry, struct nameidata *nd) * If the create succeeds, we fill in the inode information * with d_instantiate(). */ -static int nilfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int nilfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/ocfs2/dlmfs/dlmfs.c b/fs/ocfs2/dlmfs/dlmfs.c index 77c8d8069461..ccb33289c29a 100644 --- a/fs/ocfs2/dlmfs/dlmfs.c +++ b/fs/ocfs2/dlmfs/dlmfs.c @@ -536,7 +536,7 @@ bail: static int dlmfs_create(struct inode *dir, struct dentry *dentry, - int mode, + umode_t mode, struct nameidata *nd) { int status = 0; diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index c779f8bfc8a6..46f46ffe77c5 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c @@ -617,7 +617,7 @@ static int ocfs2_mkdir(struct inode *dir, static int ocfs2_create(struct inode *dir, struct dentry *dentry, - int mode, + umode_t mode, struct nameidata *nd) { int ret; diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index 667dc7ff28c0..d82599f49f6d 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -284,7 +284,7 @@ static int omfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) return omfs_add_node(dir, dentry, mode | S_IFDIR); } -static int omfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int omfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return omfs_add_node(dir, dentry, mode | S_IFREG); diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index 61972bee0561..c2ed2a36094e 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -114,7 +114,7 @@ static int ramfs_mkdir(struct inode * dir, struct dentry * dentry, umode_t mode) return retval; } -static int ramfs_create(struct inode *dir, struct dentry *dentry, int mode, struct nameidata *nd) +static int ramfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return ramfs_mknod(dir, dentry, mode | S_IFREG, 0); } diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index 763239a7e8dd..46db3b9fa7cf 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c @@ -572,7 +572,7 @@ static int new_inode_init(struct inode *inode, struct inode *dir, int mode) return 0; } -static int reiserfs_create(struct inode *dir, struct dentry *dentry, int mode, +static int reiserfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { int retval; diff --git a/fs/sysv/namei.c b/fs/sysv/namei.c index 3368425a4ce2..d306eebeb6c1 100644 --- a/fs/sysv/namei.c +++ b/fs/sysv/namei.c @@ -80,7 +80,7 @@ static int sysv_mknod(struct inode * dir, struct dentry * dentry, int mode, dev_ return err; } -static int sysv_create(struct inode * dir, struct dentry * dentry, int mode, struct nameidata *nd) +static int sysv_create(struct inode * dir, struct dentry * dentry, umode_t mode, struct nameidata *nd) { return sysv_mknod(dir, dentry, mode, 0); } diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index f5102f368160..f332878ce4de 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -253,7 +253,7 @@ out: return ERR_PTR(err); } -static int ubifs_create(struct inode *dir, struct dentry *dentry, int mode, +static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; @@ -268,7 +268,7 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, int mode, * parent directory inode. */ - dbg_gen("dent '%.*s', mode %#x in dir ino %lu", + dbg_gen("dent '%.*s', mode %#hx in dir ino %lu", dentry->d_name.len, dentry->d_name.name, mode, dir->i_ino); err = ubifs_budget_space(c, &req); diff --git a/fs/udf/namei.c b/fs/udf/namei.c index 7f8ee32842be..135a4ca01038 100644 --- a/fs/udf/namei.c +++ b/fs/udf/namei.c @@ -552,7 +552,7 @@ static int udf_delete_entry(struct inode *inode, struct fileIdentDesc *fi, return udf_write_fi(inode, cfi, fi, fibh, NULL, NULL); } -static int udf_create(struct inode *dir, struct dentry *dentry, int mode, +static int udf_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { struct udf_fileident_bh fibh; diff --git a/fs/ufs/namei.c b/fs/ufs/namei.c index fa743aaa327c..ba2a9d6c0314 100644 --- a/fs/ufs/namei.c +++ b/fs/ufs/namei.c @@ -70,7 +70,7 @@ static struct dentry *ufs_lookup(struct inode * dir, struct dentry *dentry, stru * If the create succeeds, we fill in the inode information * with d_instantiate(). */ -static int ufs_create (struct inode * dir, struct dentry * dentry, int mode, +static int ufs_create (struct inode * dir, struct dentry * dentry, umode_t mode, struct nameidata *nd) { struct inode *inode; diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 99b324d43c98..0efa4e51bebf 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -231,7 +231,7 @@ STATIC int xfs_vn_create( struct inode *dir, struct dentry *dentry, - int mode, + umode_t mode, struct nameidata *nd) { return xfs_vn_mknod(dir, dentry, mode, 0); diff --git a/include/linux/fs.h b/include/linux/fs.h index 3f7bd8b12e37..e40321a6e239 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1516,7 +1516,7 @@ extern void unlock_super(struct super_block *); /* * VFS helper functions.. */ -extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *); +extern int vfs_create(struct inode *, struct dentry *, umode_t, struct nameidata *); extern int vfs_mkdir(struct inode *, struct dentry *, umode_t); extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t); extern int vfs_symlink(struct inode *, struct dentry *, const char *); @@ -1619,7 +1619,7 @@ struct inode_operations { int (*readlink) (struct dentry *, char __user *,int); void (*put_link) (struct dentry *, struct nameidata *, void *); - int (*create) (struct inode *,struct dentry *,int, struct nameidata *); + int (*create) (struct inode *,struct dentry *,umode_t,struct nameidata *); int (*link) (struct dentry *,struct inode *,struct dentry *); int (*unlink) (struct inode *,struct dentry *); int (*symlink) (struct inode *,struct dentry *,const char *); diff --git a/include/linux/security.h b/include/linux/security.h index 16cbc58cb13b..8fc22373db34 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1447,7 +1447,7 @@ struct security_operations { const struct qstr *qstr, char **name, void **value, size_t *len); int (*inode_create) (struct inode *dir, - struct dentry *dentry, int mode); + struct dentry *dentry, umode_t mode); int (*inode_link) (struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry); int (*inode_unlink) (struct inode *dir, struct dentry *dentry); @@ -1716,7 +1716,7 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, int security_old_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, char **name, void **value, size_t *len); -int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); +int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode); int security_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry); int security_inode_unlink(struct inode *dir, struct dentry *dentry); @@ -2061,7 +2061,7 @@ static inline int security_old_inode_init_security(struct inode *inode, static inline int security_inode_create(struct inode *dir, struct dentry *dentry, - int mode) + umode_t mode) { return 0; } diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 4e0be364aa36..57ed704d2ca7 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -295,7 +295,7 @@ static void mqueue_evict_inode(struct inode *inode) } static int mqueue_create(struct inode *dir, struct dentry *dentry, - int mode, struct nameidata *nd) + umode_t mode, struct nameidata *nd) { struct inode *inode; struct mq_attr *attr = dentry->d_fsdata; @@ -610,7 +610,7 @@ static int mq_attr_ok(struct ipc_namespace *ipc_ns, struct mq_attr *attr) * Invoked when creating a new queue via sys_mq_open */ static struct file *do_create(struct ipc_namespace *ipc_ns, struct dentry *dir, - struct dentry *dentry, int oflag, mode_t mode, + struct dentry *dentry, int oflag, umode_t mode, struct mq_attr *attr) { const struct cred *cred = current_cred(); diff --git a/mm/shmem.c b/mm/shmem.c index b8a8ddf069d0..542aad28928d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1499,7 +1499,7 @@ static int shmem_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) return 0; } -static int shmem_create(struct inode *dir, struct dentry *dentry, int mode, +static int shmem_create(struct inode *dir, struct dentry *dentry, umode_t mode, struct nameidata *nd) { return shmem_mknod(dir, dentry, mode | S_IFREG, 0); diff --git a/security/capability.c b/security/capability.c index ddd17892826a..ff18d0ca30bf 100644 --- a/security/capability.c +++ b/security/capability.c @@ -125,7 +125,7 @@ static int cap_inode_init_security(struct inode *inode, struct inode *dir, } static int cap_inode_create(struct inode *inode, struct dentry *dentry, - int mask) + umode_t mask) { return 0; } diff --git a/security/security.c b/security/security.c index be49eb5768bc..2420eed87639 100644 --- a/security/security.c +++ b/security/security.c @@ -475,7 +475,7 @@ int security_path_chroot(struct path *path) } #endif -int security_inode_create(struct inode *dir, struct dentry *dentry, int mode) +int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) { if (unlikely(IS_PRIVATE(dir))) return 0; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ad74ad24ce2a..a1eba2b9ea5c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2598,7 +2598,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, return 0; } -static int selinux_inode_create(struct inode *dir, struct dentry *dentry, int mask) +static int selinux_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) { return may_create(dir, dentry, SECCLASS_FILE); } -- cgit v1.2.3-70-g09d2 From 1a67aafb5f72a436ca044293309fa7e6351d6a35 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 26 Jul 2011 01:52:52 -0400 Subject: switch ->mknod() to umode_t Signed-off-by: Al Viro --- Documentation/filesystems/Locking | 2 +- Documentation/filesystems/vfs.txt | 2 +- fs/9p/vfs_inode.c | 2 +- fs/9p/vfs_inode_dotl.c | 6 +++--- fs/bad_inode.c | 2 +- fs/btrfs/inode.c | 2 +- fs/ceph/dir.c | 4 ++-- fs/cifs/cifsfs.h | 2 +- fs/cifs/dir.c | 2 +- fs/ecryptfs/inode.c | 2 +- fs/exofs/namei.c | 2 +- fs/ext2/namei.c | 2 +- fs/ext3/namei.c | 2 +- fs/ext4/namei.c | 2 +- fs/fuse/dir.c | 2 +- fs/gfs2/inode.c | 2 +- fs/hfsplus/dir.c | 2 +- fs/hostfs/hostfs_kern.c | 2 +- fs/hpfs/namei.c | 2 +- fs/hugetlbfs/inode.c | 2 +- fs/jffs2/dir.c | 4 ++-- fs/jfs/namei.c | 2 +- fs/logfs/dir.c | 2 +- fs/minix/namei.c | 2 +- fs/namei.c | 2 +- fs/ncpfs/dir.c | 6 +++--- fs/nfs/dir.c | 4 ++-- fs/nilfs2/namei.c | 2 +- fs/ocfs2/namei.c | 2 +- fs/ramfs/inode.c | 2 +- fs/reiserfs/namei.c | 2 +- fs/sysv/namei.c | 2 +- fs/ubifs/dir.c | 2 +- fs/udf/namei.c | 2 +- fs/ufs/namei.c | 2 +- fs/xfs/xfs_iops.c | 2 +- include/linux/fs.h | 4 ++-- include/linux/security.h | 4 ++-- mm/shmem.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/selinux/hooks.c | 2 +- 42 files changed, 51 insertions(+), 51 deletions(-) (limited to 'include/linux/security.h') diff --git a/Documentation/filesystems/Locking b/Documentation/filesystems/Locking index 38d00c8898b9..9e9f30b9f46b 100644 --- a/Documentation/filesystems/Locking +++ b/Documentation/filesystems/Locking @@ -45,7 +45,7 @@ ata *); int (*symlink) (struct inode *,struct dentry *,const char *); int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); - int (*mknod) (struct inode *,struct dentry *,int,dev_t); + int (*mknod) (struct inode *,struct dentry *,umode_t,dev_t); int (*rename) (struct inode *, struct dentry *, struct inode *, struct dentry *); int (*readlink) (struct dentry *, char __user *,int); diff --git a/Documentation/filesystems/vfs.txt b/Documentation/filesystems/vfs.txt index e7b900bc6285..4b9f0d092a79 100644 --- a/Documentation/filesystems/vfs.txt +++ b/Documentation/filesystems/vfs.txt @@ -348,7 +348,7 @@ struct inode_operations { int (*symlink) (struct inode *,struct dentry *,const char *); int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); - int (*mknod) (struct inode *,struct dentry *,int,dev_t); + int (*mknod) (struct inode *,struct dentry *,umode_t,dev_t); int (*rename) (struct inode *, struct dentry *, struct inode *, struct dentry *); int (*readlink) (struct dentry *, char __user *,int); diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c index 15cd5cef4485..f54a26859fcc 100644 --- a/fs/9p/vfs_inode.c +++ b/fs/9p/vfs_inode.c @@ -1397,7 +1397,7 @@ clunk_fid: */ static int -v9fs_vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t rdev) +v9fs_vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { int retval; char *name; diff --git a/fs/9p/vfs_inode_dotl.c b/fs/9p/vfs_inode_dotl.c index c4731381f0c5..259f0cd248c8 100644 --- a/fs/9p/vfs_inode_dotl.c +++ b/fs/9p/vfs_inode_dotl.c @@ -48,7 +48,7 @@ #include "acl.h" static int -v9fs_vfs_mknod_dotl(struct inode *dir, struct dentry *dentry, int omode, +v9fs_vfs_mknod_dotl(struct inode *dir, struct dentry *dentry, umode_t omode, dev_t rdev); /** @@ -799,7 +799,7 @@ v9fs_vfs_link_dotl(struct dentry *old_dentry, struct inode *dir, * */ static int -v9fs_vfs_mknod_dotl(struct inode *dir, struct dentry *dentry, int omode, +v9fs_vfs_mknod_dotl(struct inode *dir, struct dentry *dentry, umode_t omode, dev_t rdev) { int err; @@ -814,7 +814,7 @@ v9fs_vfs_mknod_dotl(struct inode *dir, struct dentry *dentry, int omode, struct posix_acl *dacl = NULL, *pacl = NULL; P9_DPRINTK(P9_DEBUG_VFS, - " %lu,%s mode: %x MAJOR: %u MINOR: %u\n", dir->i_ino, + " %lu,%s mode: %hx MAJOR: %u MINOR: %u\n", dir->i_ino, dentry->d_name.name, omode, MAJOR(rdev), MINOR(rdev)); if (!new_valid_dev(rdev)) diff --git a/fs/bad_inode.c b/fs/bad_inode.c index 8087fbc35f43..22e9a78872ff 100644 --- a/fs/bad_inode.c +++ b/fs/bad_inode.c @@ -213,7 +213,7 @@ static int bad_inode_rmdir (struct inode *dir, struct dentry *dentry) } static int bad_inode_mknod (struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { return -EIO; } diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 19630aacb320..0060875d6af6 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -4596,7 +4596,7 @@ static int btrfs_add_nondir(struct btrfs_trans_handle *trans, } static int btrfs_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { struct btrfs_trans_handle *trans; struct btrfs_root *root = BTRFS_I(dir)->root; diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 9848d686591c..f011ed295bf7 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -666,7 +666,7 @@ int ceph_handle_notrace_create(struct inode *dir, struct dentry *dentry) } static int ceph_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); struct ceph_mds_client *mdsc = fsc->mdsc; @@ -676,7 +676,7 @@ static int ceph_mknod(struct inode *dir, struct dentry *dentry, if (ceph_snap(dir) != CEPH_NOSNAP) return -EROFS; - dout("mknod in dir %p dentry %p mode 0%o rdev %d\n", + dout("mknod in dir %p dentry %p mode 0%ho rdev %d\n", dir, dentry, mode, rdev); req = ceph_mdsc_create_request(mdsc, CEPH_MDS_OP_MKNOD, USE_AUTH_MDS); if (IS_ERR(req)) { diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 358724df558b..fe5ecf1b422a 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -50,7 +50,7 @@ extern struct dentry *cifs_lookup(struct inode *, struct dentry *, struct nameidata *); extern int cifs_unlink(struct inode *dir, struct dentry *dentry); extern int cifs_hardlink(struct dentry *, struct inode *, struct dentry *); -extern int cifs_mknod(struct inode *, struct dentry *, int, dev_t); +extern int cifs_mknod(struct inode *, struct dentry *, umode_t, dev_t); extern int cifs_mkdir(struct inode *, struct dentry *, umode_t); extern int cifs_rmdir(struct inode *, struct dentry *); extern int cifs_rename(struct inode *, struct dentry *, struct inode *, diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index 2dc8be86be09..df8fecb5b993 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -355,7 +355,7 @@ cifs_create_out: return rc; } -int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode, +int cifs_mknod(struct inode *inode, struct dentry *direntry, umode_t mode, dev_t device_number) { int rc = -EPERM; diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 81e6542ab20f..be20cbfca7e9 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -607,7 +607,7 @@ static int ecryptfs_rmdir(struct inode *dir, struct dentry *dentry) } static int -ecryptfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +ecryptfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int rc; struct dentry *lower_dentry; diff --git a/fs/exofs/namei.c b/fs/exofs/namei.c index 58644544849d..9dbf0c301030 100644 --- a/fs/exofs/namei.c +++ b/fs/exofs/namei.c @@ -74,7 +74,7 @@ static int exofs_create(struct inode *dir, struct dentry *dentry, umode_t mode, return err; } -static int exofs_mknod(struct inode *dir, struct dentry *dentry, int mode, +static int exofs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; diff --git a/fs/ext2/namei.c b/fs/ext2/namei.c index cb759e661b15..080419814bae 100644 --- a/fs/ext2/namei.c +++ b/fs/ext2/namei.c @@ -119,7 +119,7 @@ static int ext2_create (struct inode * dir, struct dentry * dentry, umode_t mode return ext2_add_nondir(dentry, inode); } -static int ext2_mknod (struct inode * dir, struct dentry *dentry, int mode, dev_t rdev) +static int ext2_mknod (struct inode * dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode * inode; int err; diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 6047d121f537..4f35b2f315d4 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -1732,7 +1732,7 @@ retry: } static int ext3_mknod (struct inode * dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { handle_t *handle; struct inode *inode; diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c index 77306f36a610..86edc45b52a4 100644 --- a/fs/ext4/namei.c +++ b/fs/ext4/namei.c @@ -1770,7 +1770,7 @@ retry: } static int ext4_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { handle_t *handle; struct inode *inode; diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 603bb8a9b8ca..b4c09c5ed8dc 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -547,7 +547,7 @@ static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req, return err; } -static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode, +static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode, dev_t rdev) { struct fuse_mknod_in inarg; diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index aadf792be750..ea4edf510559 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -1143,7 +1143,7 @@ static int gfs2_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) * */ -static int gfs2_mknod(struct inode *dir, struct dentry *dentry, int mode, +static int gfs2_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { return gfs2_create_inode(dir, dentry, mode, dev, NULL, 0, 0); diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c index ef6547ca4214..88e155f895c6 100644 --- a/fs/hfsplus/dir.c +++ b/fs/hfsplus/dir.c @@ -424,7 +424,7 @@ out: } static int hfsplus_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { struct hfsplus_sb_info *sbi = HFSPLUS_SB(dir->i_sb); struct inode *inode; diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 3a3a530f5bad..a7340e710a90 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -700,7 +700,7 @@ int hostfs_rmdir(struct inode *ino, struct dentry *dentry) return err; } -int hostfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +static int hostfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { struct inode *inode; char *name; diff --git a/fs/hpfs/namei.c b/fs/hpfs/namei.c index 769f76c7303a..30dd7b10b507 100644 --- a/fs/hpfs/namei.c +++ b/fs/hpfs/namei.c @@ -201,7 +201,7 @@ bail: return err; } -static int hpfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t rdev) +static int hpfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { const unsigned char *name = dentry->d_name.name; unsigned len = dentry->d_name.len; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index 57996c3d8d0c..698485ce5f3f 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -500,7 +500,7 @@ static struct inode *hugetlbfs_get_inode(struct super_block *sb, uid_t uid, * File creation. Allocate an inode, and we're done.. */ static int hugetlbfs_mknod(struct inode *dir, - struct dentry *dentry, int mode, dev_t dev) + struct dentry *dentry, umode_t mode, dev_t dev) { struct inode *inode; int error = -ENOSPC; diff --git a/fs/jffs2/dir.c b/fs/jffs2/dir.c index 16a75e9a038d..973ac5822bd7 100644 --- a/fs/jffs2/dir.c +++ b/fs/jffs2/dir.c @@ -31,7 +31,7 @@ static int jffs2_unlink (struct inode *,struct dentry *); static int jffs2_symlink (struct inode *,struct dentry *,const char *); static int jffs2_mkdir (struct inode *,struct dentry *,umode_t); static int jffs2_rmdir (struct inode *,struct dentry *); -static int jffs2_mknod (struct inode *,struct dentry *,int,dev_t); +static int jffs2_mknod (struct inode *,struct dentry *,umode_t,dev_t); static int jffs2_rename (struct inode *, struct dentry *, struct inode *, struct dentry *); @@ -618,7 +618,7 @@ static int jffs2_rmdir (struct inode *dir_i, struct dentry *dentry) return ret; } -static int jffs2_mknod (struct inode *dir_i, struct dentry *dentry, int mode, dev_t rdev) +static int jffs2_mknod (struct inode *dir_i, struct dentry *dentry, umode_t mode, dev_t rdev) { struct jffs2_inode_info *f, *dir_f; struct jffs2_sb_info *c; diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c index 6c0b1ab8107d..5f7c160ea64f 100644 --- a/fs/jfs/namei.c +++ b/fs/jfs/namei.c @@ -1353,7 +1353,7 @@ static int jfs_rename(struct inode *old_dir, struct dentry *old_dentry, * FUNCTION: Create a special file (device) */ static int jfs_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { struct jfs_inode_info *jfs_ip; struct btstack btstack; diff --git a/fs/logfs/dir.c b/fs/logfs/dir.c index a74aa461d53c..501043e8966c 100644 --- a/fs/logfs/dir.c +++ b/fs/logfs/dir.c @@ -517,7 +517,7 @@ static int logfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, return __logfs_create(dir, dentry, inode, NULL, 0); } -static int logfs_mknod(struct inode *dir, struct dentry *dentry, int mode, +static int logfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; diff --git a/fs/minix/namei.c b/fs/minix/namei.c index c652650bf5a3..2f76e38c2065 100644 --- a/fs/minix/namei.c +++ b/fs/minix/namei.c @@ -36,7 +36,7 @@ static struct dentry *minix_lookup(struct inode * dir, struct dentry *dentry, st return NULL; } -static int minix_mknod(struct inode * dir, struct dentry *dentry, int mode, dev_t rdev) +static int minix_mknod(struct inode * dir, struct dentry *dentry, umode_t mode, dev_t rdev) { int error; struct inode *inode; diff --git a/fs/namei.c b/fs/namei.c index 05d1c2ceb131..85bb44f222c9 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2444,7 +2444,7 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat } EXPORT_SYMBOL(user_path_create); -int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int error = may_create(dir, dentry); diff --git a/fs/ncpfs/dir.c b/fs/ncpfs/dir.c index 98d1b8c6fd8c..a2d50f803a17 100644 --- a/fs/ncpfs/dir.c +++ b/fs/ncpfs/dir.c @@ -38,7 +38,7 @@ static int ncp_rmdir(struct inode *, struct dentry *); static int ncp_rename(struct inode *, struct dentry *, struct inode *, struct dentry *); static int ncp_mknod(struct inode * dir, struct dentry *dentry, - int mode, dev_t rdev); + umode_t mode, dev_t rdev); #if defined(CONFIG_NCPFS_EXTRAS) || defined(CONFIG_NCPFS_NFS_NS) extern int ncp_symlink(struct inode *, struct dentry *, const char *); #else @@ -1201,12 +1201,12 @@ out: } static int ncp_mknod(struct inode * dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { if (!new_valid_dev(rdev)) return -EINVAL; if (ncp_is_nfs_extras(NCP_SERVER(dir), NCP_FINFO(dir)->volNumber)) { - DPRINTK(KERN_DEBUG "ncp_mknod: mode = 0%o\n", mode); + DPRINTK(KERN_DEBUG "ncp_mknod: mode = 0%ho\n", mode); return ncp_create_new(dir, dentry, mode, rdev, 0); } return -EPERM; /* Strange, but true */ diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 7cdee1d4160f..fd9a872fada0 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c @@ -53,7 +53,7 @@ static int nfs_rmdir(struct inode *, struct dentry *); static int nfs_unlink(struct inode *, struct dentry *); static int nfs_symlink(struct inode *, struct dentry *, const char *); static int nfs_link(struct dentry *, struct inode *, struct dentry *); -static int nfs_mknod(struct inode *, struct dentry *, int, dev_t); +static int nfs_mknod(struct inode *, struct dentry *, umode_t, dev_t); static int nfs_rename(struct inode *, struct dentry *, struct inode *, struct dentry *); static int nfs_fsync_dir(struct file *, loff_t, loff_t, int); @@ -1693,7 +1693,7 @@ out_err: * See comments for nfs_proc_create regarding failed operations. */ static int -nfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t rdev) +nfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct iattr attr; int status; diff --git a/fs/nilfs2/namei.c b/fs/nilfs2/namei.c index fcd86c38f968..1cd3f624dffc 100644 --- a/fs/nilfs2/namei.c +++ b/fs/nilfs2/namei.c @@ -112,7 +112,7 @@ static int nilfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, } static int -nilfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t rdev) +nilfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; struct nilfs_transaction_info ti; diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index 46f46ffe77c5..11c62e20054c 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c @@ -207,7 +207,7 @@ static struct inode *ocfs2_get_init_inode(struct inode *dir, int mode) static int ocfs2_mknod(struct inode *dir, struct dentry *dentry, - int mode, + umode_t mode, dev_t dev) { int status = 0; diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index c2ed2a36094e..145680e9d581 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -92,7 +92,7 @@ struct inode *ramfs_get_inode(struct super_block *sb, */ /* SMP-safe */ static int -ramfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +ramfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { struct inode * inode = ramfs_get_inode(dir->i_sb, dir, mode, dev); int error = -ENOSPC; diff --git a/fs/reiserfs/namei.c b/fs/reiserfs/namei.c index 46db3b9fa7cf..a8614bd7cc8d 100644 --- a/fs/reiserfs/namei.c +++ b/fs/reiserfs/namei.c @@ -643,7 +643,7 @@ static int reiserfs_create(struct inode *dir, struct dentry *dentry, umode_t mod return retval; } -static int reiserfs_mknod(struct inode *dir, struct dentry *dentry, int mode, +static int reiserfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { int retval; diff --git a/fs/sysv/namei.c b/fs/sysv/namei.c index d306eebeb6c1..b217797e621b 100644 --- a/fs/sysv/namei.c +++ b/fs/sysv/namei.c @@ -61,7 +61,7 @@ static struct dentry *sysv_lookup(struct inode * dir, struct dentry * dentry, st return NULL; } -static int sysv_mknod(struct inode * dir, struct dentry * dentry, int mode, dev_t rdev) +static int sysv_mknod(struct inode * dir, struct dentry * dentry, umode_t mode, dev_t rdev) { struct inode * inode; int err; diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index f332878ce4de..d9aec2fc90a6 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -769,7 +769,7 @@ out_budg: } static int ubifs_mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t rdev) + umode_t mode, dev_t rdev) { struct inode *inode; struct ubifs_inode *ui; diff --git a/fs/udf/namei.c b/fs/udf/namei.c index 135a4ca01038..08bf46edf9c4 100644 --- a/fs/udf/namei.c +++ b/fs/udf/namei.c @@ -596,7 +596,7 @@ static int udf_create(struct inode *dir, struct dentry *dentry, umode_t mode, return 0; } -static int udf_mknod(struct inode *dir, struct dentry *dentry, int mode, +static int udf_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; diff --git a/fs/ufs/namei.c b/fs/ufs/namei.c index ba2a9d6c0314..38cac199edff 100644 --- a/fs/ufs/namei.c +++ b/fs/ufs/namei.c @@ -94,7 +94,7 @@ static int ufs_create (struct inode * dir, struct dentry * dentry, umode_t mode, return err; } -static int ufs_mknod (struct inode * dir, struct dentry *dentry, int mode, dev_t rdev) +static int ufs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t rdev) { struct inode *inode; int err; diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 0efa4e51bebf..c2cf9bb60863 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -168,7 +168,7 @@ STATIC int xfs_vn_mknod( struct inode *dir, struct dentry *dentry, - int mode, + umode_t mode, dev_t rdev) { struct inode *inode; diff --git a/include/linux/fs.h b/include/linux/fs.h index e40321a6e239..b89eef1d1752 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1518,7 +1518,7 @@ extern void unlock_super(struct super_block *); */ extern int vfs_create(struct inode *, struct dentry *, umode_t, struct nameidata *); extern int vfs_mkdir(struct inode *, struct dentry *, umode_t); -extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t); +extern int vfs_mknod(struct inode *, struct dentry *, umode_t, dev_t); extern int vfs_symlink(struct inode *, struct dentry *, const char *); extern int vfs_link(struct dentry *, struct inode *, struct dentry *); extern int vfs_rmdir(struct inode *, struct dentry *); @@ -1625,7 +1625,7 @@ struct inode_operations { int (*symlink) (struct inode *,struct dentry *,const char *); int (*mkdir) (struct inode *,struct dentry *,umode_t); int (*rmdir) (struct inode *,struct dentry *); - int (*mknod) (struct inode *,struct dentry *,int,dev_t); + int (*mknod) (struct inode *,struct dentry *,umode_t,dev_t); int (*rename) (struct inode *, struct dentry *, struct inode *, struct dentry *); void (*truncate) (struct inode *); diff --git a/include/linux/security.h b/include/linux/security.h index 8fc22373db34..0e5aeb86dfc4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1456,7 +1456,7 @@ struct security_operations { int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, umode_t mode); int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); int (*inode_mknod) (struct inode *dir, struct dentry *dentry, - int mode, dev_t dev); + umode_t mode, dev_t dev); int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry); int (*inode_readlink) (struct dentry *dentry); @@ -1724,7 +1724,7 @@ int security_inode_symlink(struct inode *dir, struct dentry *dentry, const char *old_name); int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); int security_inode_rmdir(struct inode *dir, struct dentry *dentry); -int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); +int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev); int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry); int security_inode_readlink(struct dentry *dentry); diff --git a/mm/shmem.c b/mm/shmem.c index 542aad28928d..4000f370948c 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1456,7 +1456,7 @@ static int shmem_statfs(struct dentry *dentry, struct kstatfs *buf) * File creation. Allocate an inode, and we're done.. */ static int -shmem_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +shmem_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { struct inode *inode; int error = -ENOSPC; diff --git a/security/capability.c b/security/capability.c index ff18d0ca30bf..9def035cd572 100644 --- a/security/capability.c +++ b/security/capability.c @@ -159,7 +159,7 @@ static int cap_inode_rmdir(struct inode *inode, struct dentry *dentry) } static int cap_inode_mknod(struct inode *inode, struct dentry *dentry, - int mode, dev_t dev) + umode_t mode, dev_t dev) { return 0; } diff --git a/security/security.c b/security/security.c index 2420eed87639..8cc0f0caa640 100644 --- a/security/security.c +++ b/security/security.c @@ -521,7 +521,7 @@ int security_inode_rmdir(struct inode *dir, struct dentry *dentry) return security_ops->inode_rmdir(dir, dentry); } -int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { if (unlikely(IS_PRIVATE(dir))) return 0; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a1eba2b9ea5c..8878370c13bf 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2628,7 +2628,7 @@ static int selinux_inode_rmdir(struct inode *dir, struct dentry *dentry) return may_link(dir, dentry, MAY_RMDIR); } -static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) +static int selinux_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { return may_create(dir, dentry, inode_mode_to_security_class(mode)); } -- cgit v1.2.3-70-g09d2 From 910f4ecef3f67714ebff69d0bc34313e48afaed2 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 26 Jul 2011 04:25:58 -0400 Subject: switch security_path_chmod() to umode_t Signed-off-by: Al Viro --- include/linux/security.h | 6 +++--- security/apparmor/lsm.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/tomoyo/tomoyo.c | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 0e5aeb86dfc4..f2c1fd7978a5 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1436,7 +1436,7 @@ struct security_operations { int (*path_rename) (struct path *old_dir, struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry); int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, - mode_t mode); + umode_t mode); int (*path_chown) (struct path *path, uid_t uid, gid_t gid); int (*path_chroot) (struct path *path); #endif @@ -2867,7 +2867,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir, int security_path_rename(struct path *old_dir, struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry); int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode); + umode_t mode); int security_path_chown(struct path *path, uid_t uid, gid_t gid); int security_path_chroot(struct path *path); #else /* CONFIG_SECURITY_PATH */ @@ -2921,7 +2921,7 @@ static inline int security_path_rename(struct path *old_dir, static inline int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode) + umode_t mode) { return 0; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 37832026e58a..afbe49822bed 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -345,7 +345,7 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, } static int apparmor_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode) + umode_t mode) { if (!mediated_filesystem(dentry->d_inode)) return 0; diff --git a/security/capability.c b/security/capability.c index 9def035cd572..4f24bee49f26 100644 --- a/security/capability.c +++ b/security/capability.c @@ -280,7 +280,7 @@ static int cap_path_truncate(struct path *path) } static int cap_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode) + umode_t mode) { return 0; } diff --git a/security/security.c b/security/security.c index 8cc0f0caa640..3635a13cd4ab 100644 --- a/security/security.c +++ b/security/security.c @@ -455,7 +455,7 @@ int security_path_truncate(struct path *path) } int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode) + umode_t mode) { if (unlikely(IS_PRIVATE(dentry->d_inode))) return 0; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 4b327b691745..a4b840ea0078 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -360,7 +360,7 @@ static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, * Returns 0 on success, negative value otherwise. */ static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - mode_t mode) + umode_t mode) { struct path path = { mnt, dentry }; return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, &path, -- cgit v1.2.3-70-g09d2 From 52ef0c042bf06f6aef382fade175075627beebc1 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Tue, 26 Jul 2011 04:30:04 -0400 Subject: switch securityfs_create_file() to umode_t Signed-off-by: Al Viro --- include/linux/security.h | 4 ++-- security/apparmor/apparmorfs.c | 2 +- security/inode.c | 12 ++++++------ security/tomoyo/securityfs_if.c | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index f2c1fd7978a5..fab659edf11a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -3010,7 +3010,7 @@ static inline void security_audit_rule_free(void *lsmrule) #ifdef CONFIG_SECURITYFS -extern struct dentry *securityfs_create_file(const char *name, mode_t mode, +extern struct dentry *securityfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops); extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); @@ -3025,7 +3025,7 @@ static inline struct dentry *securityfs_create_dir(const char *name, } static inline struct dentry *securityfs_create_file(const char *name, - mode_t mode, + umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 69ddb47787b2..e39df6d43779 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -165,7 +165,7 @@ static void __init aafs_remove(const char *name) * * Used aafs_remove to remove entries created with this fn. */ -static int __init aafs_create(const char *name, int mask, +static int __init aafs_create(const char *name, umode_t mask, const struct file_operations *fops) { struct dentry *dentry; diff --git a/security/inode.c b/security/inode.c index bfe02e68f92e..90a70a67d835 100644 --- a/security/inode.c +++ b/security/inode.c @@ -56,7 +56,7 @@ static const struct file_operations default_file_ops = { .llseek = noop_llseek, }; -static struct inode *get_inode(struct super_block *sb, int mode, dev_t dev) +static struct inode *get_inode(struct super_block *sb, umode_t mode, dev_t dev) { struct inode *inode = new_inode(sb); @@ -85,7 +85,7 @@ static struct inode *get_inode(struct super_block *sb, int mode, dev_t dev) /* SMP-safe */ static int mknod(struct inode *dir, struct dentry *dentry, - int mode, dev_t dev) + umode_t mode, dev_t dev) { struct inode *inode; int error = -ENOMEM; @@ -102,7 +102,7 @@ static int mknod(struct inode *dir, struct dentry *dentry, return error; } -static int mkdir(struct inode *dir, struct dentry *dentry, int mode) +static int mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) { int res; @@ -113,7 +113,7 @@ static int mkdir(struct inode *dir, struct dentry *dentry, int mode) return res; } -static int create(struct inode *dir, struct dentry *dentry, int mode) +static int create(struct inode *dir, struct dentry *dentry, umode_t mode) { mode = (mode & S_IALLUGO) | S_IFREG; return mknod(dir, dentry, mode, 0); @@ -145,7 +145,7 @@ static struct file_system_type fs_type = { .kill_sb = kill_litter_super, }; -static int create_by_name(const char *name, mode_t mode, +static int create_by_name(const char *name, umode_t mode, struct dentry *parent, struct dentry **dentry) { @@ -205,7 +205,7 @@ static int create_by_name(const char *name, mode_t mode, * If securityfs is not enabled in the kernel, the value %-ENODEV is * returned. */ -struct dentry *securityfs_create_file(const char *name, mode_t mode, +struct dentry *securityfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) { diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c index 2672ac4f3beb..482b2a5f48f0 100644 --- a/security/tomoyo/securityfs_if.c +++ b/security/tomoyo/securityfs_if.c @@ -224,7 +224,7 @@ static const struct file_operations tomoyo_operations = { * * Returns nothing. */ -static void __init tomoyo_create_entry(const char *name, const mode_t mode, +static void __init tomoyo_create_entry(const char *name, const umode_t mode, struct dentry *parent, const u8 key) { securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, -- cgit v1.2.3-70-g09d2 From 4572befe248fd0d94aedc98775e3f0ddc8a26651 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 21 Nov 2011 14:56:21 -0500 Subject: switch ->path_mkdir() to umode_t Signed-off-by: Al Viro --- include/linux/security.h | 6 +++--- security/apparmor/lsm.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/tomoyo/tomoyo.c | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index fab659edf11a..24cd7cf48564 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1424,7 +1424,7 @@ struct security_operations { #ifdef CONFIG_SECURITY_PATH int (*path_unlink) (struct path *dir, struct dentry *dentry); - int (*path_mkdir) (struct path *dir, struct dentry *dentry, int mode); + int (*path_mkdir) (struct path *dir, struct dentry *dentry, umode_t mode); int (*path_rmdir) (struct path *dir, struct dentry *dentry); int (*path_mknod) (struct path *dir, struct dentry *dentry, int mode, unsigned int dev); @@ -2855,7 +2855,7 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi #ifdef CONFIG_SECURITY_PATH int security_path_unlink(struct path *dir, struct dentry *dentry); -int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode); +int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode); int security_path_rmdir(struct path *dir, struct dentry *dentry); int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, unsigned int dev); @@ -2877,7 +2877,7 @@ static inline int security_path_unlink(struct path *dir, struct dentry *dentry) } static inline int security_path_mkdir(struct path *dir, struct dentry *dentry, - int mode) + umode_t mode) { return 0; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index afbe49822bed..3271bd38d860 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -262,7 +262,7 @@ static int apparmor_path_unlink(struct path *dir, struct dentry *dentry) } static int apparmor_path_mkdir(struct path *dir, struct dentry *dentry, - int mode) + umode_t mode) { return common_perm_create(OP_MKDIR, dir, dentry, AA_MAY_CREATE, S_IFDIR); diff --git a/security/capability.c b/security/capability.c index 4f24bee49f26..2e1fe45d1486 100644 --- a/security/capability.c +++ b/security/capability.c @@ -241,7 +241,7 @@ static int cap_path_mknod(struct path *dir, struct dentry *dentry, int mode, return 0; } -static int cap_path_mkdir(struct path *dir, struct dentry *dentry, int mode) +static int cap_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) { return 0; } diff --git a/security/security.c b/security/security.c index 3635a13cd4ab..e9724e058b43 100644 --- a/security/security.c +++ b/security/security.c @@ -397,7 +397,7 @@ int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, } EXPORT_SYMBOL(security_path_mknod); -int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode) +int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) { if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) return 0; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index a4b840ea0078..95e4a7db8b86 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -186,7 +186,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) * Returns 0 on success, negative value otherwise. */ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, - int mode) + umode_t mode) { struct path path = { parent->mnt, dentry }; return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, -- cgit v1.2.3-70-g09d2 From 04fc66e789a896e684bfdca30208e57eb832dd96 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 21 Nov 2011 14:58:38 -0500 Subject: switch ->path_mknod() to umode_t Signed-off-by: Al Viro --- include/linux/security.h | 6 +++--- net/unix/af_unix.c | 2 +- security/apparmor/lsm.c | 2 +- security/capability.c | 2 +- security/security.c | 2 +- security/tomoyo/tomoyo.c | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index 24cd7cf48564..535721cc374a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1426,7 +1426,7 @@ struct security_operations { int (*path_unlink) (struct path *dir, struct dentry *dentry); int (*path_mkdir) (struct path *dir, struct dentry *dentry, umode_t mode); int (*path_rmdir) (struct path *dir, struct dentry *dentry); - int (*path_mknod) (struct path *dir, struct dentry *dentry, int mode, + int (*path_mknod) (struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev); int (*path_truncate) (struct path *path); int (*path_symlink) (struct path *dir, struct dentry *dentry, @@ -2857,7 +2857,7 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi int security_path_unlink(struct path *dir, struct dentry *dentry); int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode); int security_path_rmdir(struct path *dir, struct dentry *dentry); -int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, +int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev); int security_path_truncate(struct path *path); int security_path_symlink(struct path *dir, struct dentry *dentry, @@ -2888,7 +2888,7 @@ static inline int security_path_rmdir(struct path *dir, struct dentry *dentry) } static inline int security_path_mknod(struct path *dir, struct dentry *dentry, - int mode, unsigned int dev) + umode_t mode, unsigned int dev) { return 0; } diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index b595a3d8679f..412a99f4a3f7 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -847,7 +847,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) atomic_set(&addr->refcnt, 1); if (sun_path[0]) { - unsigned int mode; + umode_t mode; err = 0; /* * Get the parent directory, calculate the hash for last diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 3271bd38d860..c0a399ec1df9 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -274,7 +274,7 @@ static int apparmor_path_rmdir(struct path *dir, struct dentry *dentry) } static int apparmor_path_mknod(struct path *dir, struct dentry *dentry, - int mode, unsigned int dev) + umode_t mode, unsigned int dev) { return common_perm_create(OP_MKNOD, dir, dentry, AA_MAY_CREATE, mode); } diff --git a/security/capability.c b/security/capability.c index 2e1fe45d1486..156816d451ba 100644 --- a/security/capability.c +++ b/security/capability.c @@ -235,7 +235,7 @@ static void cap_inode_getsecid(const struct inode *inode, u32 *secid) } #ifdef CONFIG_SECURITY_PATH -static int cap_path_mknod(struct path *dir, struct dentry *dentry, int mode, +static int cap_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev) { return 0; diff --git a/security/security.c b/security/security.c index e9724e058b43..151152de1a0a 100644 --- a/security/security.c +++ b/security/security.c @@ -388,7 +388,7 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir, EXPORT_SYMBOL(security_old_inode_init_security); #ifdef CONFIG_SECURITY_PATH -int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, +int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev) { if (unlikely(IS_PRIVATE(dir->dentry->d_inode))) diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 95e4a7db8b86..75c956a51e75 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -234,7 +234,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, * Returns 0 on success, negative value otherwise. */ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, - int mode, unsigned int dev) + umode_t mode, unsigned int dev) { struct path path = { parent->mnt, dentry }; int type = TOMOYO_TYPE_CREATE; -- cgit v1.2.3-70-g09d2 From 6a9de49115d5ff9871d953af1a5c8249e1585731 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:14 -0500 Subject: capabilities: remove the task from capable LSM hook entirely The capabilities framework is based around credentials, not necessarily the current task. Yet we still passed the current task down into LSMs from the security_capable() LSM hook as if it was a meaningful portion of the security decision. This patch removes the 'generic' passing of current and instead forces individual LSMs to use current explicitly if they think it is appropriate. In our case those LSMs are SELinux and AppArmor. I believe the AppArmor use of current is incorrect, but that is wholely unrelated to this patch. This patch does not change what AppArmor does, it just makes it clear in the AppArmor code that it is doing it. The SELinux code still uses current in it's audit message, which may also be wrong and needs further investigation. Again this is NOT a change, it may have always been wrong, this patch just makes it clear what is happening. Signed-off-by: Eric Paris --- include/linux/security.h | 16 +++++++--------- security/apparmor/lsm.c | 8 ++++---- security/commoncap.c | 16 +++++++--------- security/security.c | 7 +++---- security/selinux/hooks.c | 23 ++++++++++------------- 5 files changed, 31 insertions(+), 39 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index ebd2a53a3d07..4921163b2752 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -53,8 +53,8 @@ struct user_namespace; * These functions are in security/capability.c and are used * as the default capabilities functions */ -extern int cap_capable(struct task_struct *tsk, const struct cred *cred, - struct user_namespace *ns, int cap, int audit); +extern int cap_capable(const struct cred *cred, struct user_namespace *ns, + int cap, int audit); extern int cap_settime(const struct timespec *ts, const struct timezone *tz); extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode); extern int cap_ptrace_traceme(struct task_struct *parent); @@ -1261,7 +1261,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @capable: * Check whether the @tsk process has the @cap capability in the indicated * credentials. - * @tsk contains the task_struct for the process. * @cred contains the credentials to use. * @ns contains the user namespace we want the capability in * @cap contains the capability . @@ -1385,8 +1384,8 @@ struct security_operations { const kernel_cap_t *effective, const kernel_cap_t *inheritable, const kernel_cap_t *permitted); - int (*capable) (struct task_struct *tsk, const struct cred *cred, - struct user_namespace *ns, int cap, int audit); + int (*capable) (const struct cred *cred, struct user_namespace *ns, + int cap, int audit); int (*quotactl) (int cmds, int type, int id, struct super_block *sb); int (*quota_on) (struct dentry *dentry); int (*syslog) (int type); @@ -1867,7 +1866,7 @@ static inline int security_capset(struct cred *new, static inline int security_capable(struct user_namespace *ns, const struct cred *cred, int cap) { - return cap_capable(current, cred, ns, cap, SECURITY_CAP_AUDIT); + return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); } static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) @@ -1875,7 +1874,7 @@ static inline int security_real_capable(struct task_struct *tsk, struct user_nam int ret; rcu_read_lock(); - ret = cap_capable(tsk, __task_cred(tsk), ns, cap, SECURITY_CAP_AUDIT); + ret = cap_capable(__task_cred(tsk), ns, cap, SECURITY_CAP_AUDIT); rcu_read_unlock(); return ret; } @@ -1886,8 +1885,7 @@ int security_real_capable_noaudit(struct task_struct *tsk, struct user_namespace int ret; rcu_read_lock(); - ret = cap_capable(tsk, __task_cred(tsk), ns, cap, - SECURITY_CAP_NOAUDIT); + ret = cap_capable(__task_cred(tsk), ns, cap, SECURITY_CAP_NOAUDIT); rcu_read_unlock(); return ret; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 37832026e58a..ef4e2a8a33a5 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -136,16 +136,16 @@ static int apparmor_capget(struct task_struct *target, kernel_cap_t *effective, return 0; } -static int apparmor_capable(struct task_struct *task, const struct cred *cred, - struct user_namespace *ns, int cap, int audit) +static int apparmor_capable(const struct cred *cred, struct user_namespace *ns, + int cap, int audit) { struct aa_profile *profile; /* cap_capable returns 0 on success, else -EPERM */ - int error = cap_capable(task, cred, ns, cap, audit); + int error = cap_capable(cred, ns, cap, audit); if (!error) { profile = aa_cred_profile(cred); if (!unconfined(profile)) - error = aa_capable(task, profile, cap, audit); + error = aa_capable(current, profile, cap, audit); } return error; } diff --git a/security/commoncap.c b/security/commoncap.c index a93b3b733079..89f02ff66af9 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -66,7 +66,6 @@ EXPORT_SYMBOL(cap_netlink_recv); /** * cap_capable - Determine whether a task has a particular effective capability - * @tsk: The task to query * @cred: The credentials to use * @ns: The user namespace in which we need the capability * @cap: The capability to check for @@ -80,8 +79,8 @@ EXPORT_SYMBOL(cap_netlink_recv); * cap_has_capability() returns 0 when a task has a capability, but the * kernel's capable() and has_capability() returns 1 for this case. */ -int cap_capable(struct task_struct *tsk, const struct cred *cred, - struct user_namespace *targ_ns, int cap, int audit) +int cap_capable(const struct cred *cred, struct user_namespace *targ_ns, + int cap, int audit) { for (;;) { /* The creator of the user namespace has all caps. */ @@ -222,9 +221,8 @@ static inline int cap_inh_is_capped(void) /* they are so limited unless the current task has the CAP_SETPCAP * capability */ - if (cap_capable(current, current_cred(), - current_cred()->user->user_ns, CAP_SETPCAP, - SECURITY_CAP_AUDIT) == 0) + if (cap_capable(current_cred(), current_cred()->user->user_ns, + CAP_SETPCAP, SECURITY_CAP_AUDIT) == 0) return 0; return 1; } @@ -870,7 +868,7 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, & (new->securebits ^ arg2)) /*[1]*/ || ((new->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/ - || (cap_capable(current, current_cred(), + || (cap_capable(current_cred(), current_cred()->user->user_ns, CAP_SETPCAP, SECURITY_CAP_AUDIT) != 0) /*[4]*/ /* @@ -936,7 +934,7 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages) { int cap_sys_admin = 0; - if (cap_capable(current, current_cred(), &init_user_ns, CAP_SYS_ADMIN, + if (cap_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT) == 0) cap_sys_admin = 1; return __vm_enough_memory(mm, pages, cap_sys_admin); @@ -963,7 +961,7 @@ int cap_file_mmap(struct file *file, unsigned long reqprot, int ret = 0; if (addr < dac_mmap_min_addr) { - ret = cap_capable(current, current_cred(), &init_user_ns, CAP_SYS_RAWIO, + ret = cap_capable(current_cred(), &init_user_ns, CAP_SYS_RAWIO, SECURITY_CAP_AUDIT); /* set PF_SUPERPRIV if it turns out we allow the low mmap */ if (ret == 0) diff --git a/security/security.c b/security/security.c index d9e153390926..9ae68c64455e 100644 --- a/security/security.c +++ b/security/security.c @@ -157,8 +157,7 @@ int security_capset(struct cred *new, const struct cred *old, int security_capable(struct user_namespace *ns, const struct cred *cred, int cap) { - return security_ops->capable(current, cred, ns, cap, - SECURITY_CAP_AUDIT); + return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); } int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, @@ -168,7 +167,7 @@ int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int ret; cred = get_task_cred(tsk); - ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_AUDIT); + ret = security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); put_cred(cred); return ret; } @@ -180,7 +179,7 @@ int security_real_capable_noaudit(struct task_struct *tsk, int ret; cred = get_task_cred(tsk); - ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_NOAUDIT); + ret = security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); put_cred(cred); return ret; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e545b9f67072..c9605c4a2e08 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1414,8 +1414,7 @@ static int current_has_perm(const struct task_struct *tsk, #endif /* Check whether a task is allowed to use a capability. */ -static int task_has_capability(struct task_struct *tsk, - const struct cred *cred, +static int cred_has_capability(const struct cred *cred, int cap, int audit) { struct common_audit_data ad; @@ -1426,7 +1425,7 @@ static int task_has_capability(struct task_struct *tsk, int rc; COMMON_AUDIT_DATA_INIT(&ad, CAP); - ad.tsk = tsk; + ad.tsk = current; ad.u.cap = cap; switch (CAP_TO_INDEX(cap)) { @@ -1867,16 +1866,16 @@ static int selinux_capset(struct cred *new, const struct cred *old, * the CAP_SETUID and CAP_SETGID capabilities using the capable hook. */ -static int selinux_capable(struct task_struct *tsk, const struct cred *cred, - struct user_namespace *ns, int cap, int audit) +static int selinux_capable(const struct cred *cred, struct user_namespace *ns, + int cap, int audit) { int rc; - rc = cap_capable(tsk, cred, ns, cap, audit); + rc = cap_capable(cred, ns, cap, audit); if (rc) return rc; - return task_has_capability(tsk, cred, cap, audit); + return cred_has_capability(cred, cap, audit); } static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb) @@ -1953,8 +1952,7 @@ static int selinux_vm_enough_memory(struct mm_struct *mm, long pages) { int rc, cap_sys_admin = 0; - rc = selinux_capable(current, current_cred(), - &init_user_ns, CAP_SYS_ADMIN, + rc = selinux_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN, SECURITY_CAP_NOAUDIT); if (rc == 0) cap_sys_admin = 1; @@ -2858,8 +2856,7 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name * and lack of permission just means that we fall back to the * in-core context value, not a denial. */ - error = selinux_capable(current, current_cred(), - &init_user_ns, CAP_MAC_ADMIN, + error = selinux_capable(current_cred(), &init_user_ns, CAP_MAC_ADMIN, SECURITY_CAP_NOAUDIT); if (!error) error = security_sid_to_context_force(isec->sid, &context, @@ -2992,8 +2989,8 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd, case KDSKBENT: case KDSKBSENT: - error = task_has_capability(current, cred, CAP_SYS_TTY_CONFIG, - SECURITY_CAP_AUDIT); + error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG, + SECURITY_CAP_AUDIT); break; /* default case assumes that the command will go -- cgit v1.2.3-70-g09d2 From b7e724d303b684655e4ca3dabd5a6840ad19012d Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:15 -0500 Subject: capabilities: reverse arguments to security_capable security_capable takes ns, cred, cap. But the LSM capable() hook takes cred, ns, cap. The capability helper functions also take cred, ns, cap. Rather than flip argument order just to flip it back, leave them alone. Heck, this should be a little faster since argument will be in the right place! Signed-off-by: Eric Paris --- drivers/pci/pci-sysfs.c | 2 +- include/linux/security.h | 6 +++--- kernel/capability.c | 2 +- security/security.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) (limited to 'include/linux/security.h') diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index 7bcf12adced7..a4457ab61342 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -431,7 +431,7 @@ pci_read_config(struct file *filp, struct kobject *kobj, u8 *data = (u8*) buf; /* Several chips lock up trying to read undefined config space */ - if (security_capable(&init_user_ns, filp->f_cred, CAP_SYS_ADMIN) == 0) { + if (security_capable(filp->f_cred, &init_user_ns, CAP_SYS_ADMIN) == 0) { size = dev->cfg_size; } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { size = 128; diff --git a/include/linux/security.h b/include/linux/security.h index 4921163b2752..ee969ff40a26 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1666,7 +1666,7 @@ int security_capset(struct cred *new, const struct cred *old, const kernel_cap_t *effective, const kernel_cap_t *inheritable, const kernel_cap_t *permitted); -int security_capable(struct user_namespace *ns, const struct cred *cred, +int security_capable(const struct cred *cred, struct user_namespace *ns, int cap); int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap); @@ -1863,8 +1863,8 @@ static inline int security_capset(struct cred *new, return cap_capset(new, old, effective, inheritable, permitted); } -static inline int security_capable(struct user_namespace *ns, - const struct cred *cred, int cap) +static inline int security_capable(const struct cred *cred, + struct user_namespace *ns, int cap) { return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); } diff --git a/kernel/capability.c b/kernel/capability.c index 283c529f8b1c..d98392719adb 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -374,7 +374,7 @@ bool ns_capable(struct user_namespace *ns, int cap) BUG(); } - if (security_capable(ns, current_cred(), cap) == 0) { + if (security_capable(current_cred(), ns, cap) == 0) { current->flags |= PF_SUPERPRIV; return true; } diff --git a/security/security.c b/security/security.c index 9ae68c64455e..b9e57f4fc44a 100644 --- a/security/security.c +++ b/security/security.c @@ -154,7 +154,7 @@ int security_capset(struct cred *new, const struct cred *old, effective, inheritable, permitted); } -int security_capable(struct user_namespace *ns, const struct cred *cred, +int security_capable(const struct cred *cred, struct user_namespace *ns, int cap) { return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); -- cgit v1.2.3-70-g09d2 From c7eba4a97563fd8b431787f7ad623444f2da80c6 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:15 -0500 Subject: capabilities: introduce security_capable_noaudit Exactly like security_capable except don't audit any denials. This is for places where the kernel may make decisions about what to do if a task has a given capability, but which failing that capability is not a sign of a security policy violation. An example is checking if a task has CAP_SYS_ADMIN to lower it's likelyhood of being killed by the oom killer. This check is not a security violation if it is denied. Signed-off-by: Eric Paris Acked-by: Serge E. Hallyn --- include/linux/security.h | 7 +++++++ security/security.c | 6 ++++++ 2 files changed, 13 insertions(+) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index ee969ff40a26..caff54eee686 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1668,6 +1668,8 @@ int security_capset(struct cred *new, const struct cred *old, const kernel_cap_t *permitted); int security_capable(const struct cred *cred, struct user_namespace *ns, int cap); +int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, + int cap); int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap); int security_real_capable_noaudit(struct task_struct *tsk, @@ -1869,6 +1871,11 @@ static inline int security_capable(const struct cred *cred, return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); } +static inline int security_capable_noaudit(const struct cred *cred, + struct user_namespace *ns, int cap) { + return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); +} + static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) { int ret; diff --git a/security/security.c b/security/security.c index b9e57f4fc44a..b7edaae77d1d 100644 --- a/security/security.c +++ b/security/security.c @@ -160,6 +160,12 @@ int security_capable(const struct cred *cred, struct user_namespace *ns, return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); } +int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, + int cap) +{ + return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); +} + int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) { -- cgit v1.2.3-70-g09d2 From 2920a8409de5a51575d03deca07e5bb2be6fc98d Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:15 -0500 Subject: capabilities: remove all _real_ interfaces The name security_real_capable and security_real_capable_noaudit just don't make much sense to me. Convert them to use security_capable and security_capable_noaudit. Signed-off-by: Eric Paris Acked-by: Serge E. Hallyn --- include/linux/security.h | 25 ------------------------- kernel/capability.c | 18 +++++++++++++++--- security/security.c | 24 ------------------------ 3 files changed, 15 insertions(+), 52 deletions(-) (limited to 'include/linux/security.h') diff --git a/include/linux/security.h b/include/linux/security.h index caff54eee686..e345a9313a60 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1670,10 +1670,6 @@ int security_capable(const struct cred *cred, struct user_namespace *ns, int cap); int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, int cap); -int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, - int cap); -int security_real_capable_noaudit(struct task_struct *tsk, - struct user_namespace *ns, int cap); int security_quotactl(int cmds, int type, int id, struct super_block *sb); int security_quota_on(struct dentry *dentry); int security_syslog(int type); @@ -1876,27 +1872,6 @@ static inline int security_capable_noaudit(const struct cred *cred, return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); } -static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) -{ - int ret; - - rcu_read_lock(); - ret = cap_capable(__task_cred(tsk), ns, cap, SECURITY_CAP_AUDIT); - rcu_read_unlock(); - return ret; -} - -static inline -int security_real_capable_noaudit(struct task_struct *tsk, struct user_namespace *ns, int cap) -{ - int ret; - - rcu_read_lock(); - ret = cap_capable(__task_cred(tsk), ns, cap, SECURITY_CAP_NOAUDIT); - rcu_read_unlock(); - return ret; -} - static inline int security_quotactl(int cmds, int type, int id, struct super_block *sb) { diff --git a/kernel/capability.c b/kernel/capability.c index d98392719adb..ff50ab62cfca 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -298,7 +298,11 @@ error: */ bool has_capability(struct task_struct *t, int cap) { - int ret = security_real_capable(t, &init_user_ns, cap); + int ret; + + rcu_read_lock(); + ret = security_capable(__task_cred(t), &init_user_ns, cap); + rcu_read_unlock(); return (ret == 0); } @@ -317,7 +321,11 @@ bool has_capability(struct task_struct *t, int cap) bool has_ns_capability(struct task_struct *t, struct user_namespace *ns, int cap) { - int ret = security_real_capable(t, ns, cap); + int ret; + + rcu_read_lock(); + ret = security_capable(__task_cred(t), ns, cap); + rcu_read_unlock(); return (ret == 0); } @@ -335,7 +343,11 @@ bool has_ns_capability(struct task_struct *t, */ bool has_capability_noaudit(struct task_struct *t, int cap) { - int ret = security_real_capable_noaudit(t, &init_user_ns, cap); + int ret; + + rcu_read_lock(); + ret = security_capable_noaudit(__task_cred(t), &init_user_ns, cap); + rcu_read_unlock(); return (ret == 0); } diff --git a/security/security.c b/security/security.c index b7edaae77d1d..8900c5c4db5c 100644 --- a/security/security.c +++ b/security/security.c @@ -166,30 +166,6 @@ int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); } -int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, - int cap) -{ - const struct cred *cred; - int ret; - - cred = get_task_cred(tsk); - ret = security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); - put_cred(cred); - return ret; -} - -int security_real_capable_noaudit(struct task_struct *tsk, - struct user_namespace *ns, int cap) -{ - const struct cred *cred; - int ret; - - cred = get_task_cred(tsk); - ret = security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); - put_cred(cred); - return ret; -} - int security_quotactl(int cmds, int type, int id, struct super_block *sb) { return security_ops->quotactl(cmds, type, id, sb); -- cgit v1.2.3-70-g09d2 From fd778461524849afd035679030ae8e8873c72b81 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:16 -0500 Subject: security: remove the security_netlink_recv hook as it is equivalent to capable() Once upon a time netlink was not sync and we had to get the effective capabilities from the skb that was being received. Today we instead get the capabilities from the current task. This has rendered the entire purpose of the hook moot as it is now functionally equivalent to the capable() call. Signed-off-by: Eric Paris --- drivers/scsi/scsi_netlink.c | 2 +- include/linux/security.h | 14 -------------- kernel/audit.c | 4 ++-- net/core/rtnetlink.c | 2 +- net/decnet/netfilter/dn_rtmsg.c | 2 +- net/ipv4/netfilter/ip_queue.c | 2 +- net/ipv6/netfilter/ip6_queue.c | 2 +- net/netfilter/nfnetlink.c | 2 +- net/netlink/genetlink.c | 2 +- net/xfrm/xfrm_user.c | 2 +- security/capability.c | 1 - security/commoncap.c | 8 -------- security/security.c | 6 ------ security/selinux/hooks.c | 19 ------------------- 14 files changed, 10 insertions(+), 58 deletions(-) (limited to 'include/linux/security.h') diff --git a/drivers/scsi/scsi_netlink.c b/drivers/scsi/scsi_netlink.c index 26a8a45584ef..feee1cc39ea0 100644 --- a/drivers/scsi/scsi_netlink.c +++ b/drivers/scsi/scsi_netlink.c @@ -111,7 +111,7 @@ scsi_nl_rcv_msg(struct sk_buff *skb) goto next_msg; } - if (security_netlink_recv(skb, CAP_SYS_ADMIN)) { + if (!capable(CAP_SYS_ADMIN)) { err = -EPERM; goto next_msg; } diff --git a/include/linux/security.h b/include/linux/security.h index e345a9313a60..ba2d531c123f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -95,7 +95,6 @@ struct xfrm_user_sec_ctx; struct seq_file; extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); -extern int cap_netlink_recv(struct sk_buff *skb, int cap); void reset_security_ops(void); @@ -792,12 +791,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @skb contains the sk_buff structure for the netlink message. * Return 0 if the information was successfully saved and message * is allowed to be transmitted. - * @netlink_recv: - * Check permission before processing the received netlink message in - * @skb. - * @skb contains the sk_buff structure for the netlink message. - * @cap indicates the capability required - * Return 0 if permission is granted. * * Security hooks for Unix domain networking. * @@ -1556,7 +1549,6 @@ struct security_operations { struct sembuf *sops, unsigned nsops, int alter); int (*netlink_send) (struct sock *sk, struct sk_buff *skb); - int (*netlink_recv) (struct sk_buff *skb, int cap); void (*d_instantiate) (struct dentry *dentry, struct inode *inode); @@ -1803,7 +1795,6 @@ void security_d_instantiate(struct dentry *dentry, struct inode *inode); int security_getprocattr(struct task_struct *p, char *name, char **value); int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); -int security_netlink_recv(struct sk_buff *skb, int cap); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(char *secdata, u32 seclen); @@ -2478,11 +2469,6 @@ static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb) return cap_netlink_send(sk, skb); } -static inline int security_netlink_recv(struct sk_buff *skb, int cap) -{ - return cap_netlink_recv(skb, cap); -} - static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { return -EOPNOTSUPP; diff --git a/kernel/audit.c b/kernel/audit.c index 0a1355ca3d79..f3ba55fa0b70 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -601,13 +601,13 @@ static int audit_netlink_ok(struct sk_buff *skb, u16 msg_type) case AUDIT_TTY_SET: case AUDIT_TRIM: case AUDIT_MAKE_EQUIV: - if (security_netlink_recv(skb, CAP_AUDIT_CONTROL)) + if (!capable(CAP_AUDIT_CONTROL)) err = -EPERM; break; case AUDIT_USER: case AUDIT_FIRST_USER_MSG ... AUDIT_LAST_USER_MSG: case AUDIT_FIRST_USER_MSG2 ... AUDIT_LAST_USER_MSG2: - if (security_netlink_recv(skb, CAP_AUDIT_WRITE)) + if (!capable(CAP_AUDIT_WRITE)) err = -EPERM; break; default: /* bad msg */ diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 99d9e953fe39..d3a628196716 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -1931,7 +1931,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) sz_idx = type>>2; kind = type&3; - if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) + if (kind != 2 && !capable(CAP_NET_ADMIN)) return -EPERM; if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { diff --git a/net/decnet/netfilter/dn_rtmsg.c b/net/decnet/netfilter/dn_rtmsg.c index 69975e0bcdea..1531135130db 100644 --- a/net/decnet/netfilter/dn_rtmsg.c +++ b/net/decnet/netfilter/dn_rtmsg.c @@ -108,7 +108,7 @@ static inline void dnrmg_receive_user_skb(struct sk_buff *skb) if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len) return; - if (security_netlink_recv(skb, CAP_NET_ADMIN)) + if (!capable(CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); /* Eventually we might send routing messages too */ diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c index e59aabd0eae4..ffabb2674718 100644 --- a/net/ipv4/netfilter/ip_queue.c +++ b/net/ipv4/netfilter/ip_queue.c @@ -430,7 +430,7 @@ __ipq_rcv_skb(struct sk_buff *skb) if (type <= IPQM_BASE) return; - if (security_netlink_recv(skb, CAP_NET_ADMIN)) + if (!capable(CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); spin_lock_bh(&queue_lock); diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c index e63c3972a739..5e5ce778be7f 100644 --- a/net/ipv6/netfilter/ip6_queue.c +++ b/net/ipv6/netfilter/ip6_queue.c @@ -431,7 +431,7 @@ __ipq_rcv_skb(struct sk_buff *skb) if (type <= IPQM_BASE) return; - if (security_netlink_recv(skb, CAP_NET_ADMIN)) + if (!capable(CAP_NET_ADMIN)) RCV_SKB_FAIL(-EPERM); spin_lock_bh(&queue_lock); diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 1905976b5135..e6c2b8f32180 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -130,7 +130,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) const struct nfnetlink_subsystem *ss; int type, err; - if (security_netlink_recv(skb, CAP_NET_ADMIN)) + if (!capable(CAP_NET_ADMIN)) return -EPERM; /* All the messages must at least contain nfgenmsg */ diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c index 482fa571b4ee..05fedbf489a5 100644 --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -516,7 +516,7 @@ static int genl_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) return -EOPNOTSUPP; if ((ops->flags & GENL_ADMIN_PERM) && - security_netlink_recv(skb, CAP_NET_ADMIN)) + !capable(CAP_NET_ADMIN)) return -EPERM; if (nlh->nlmsg_flags & NLM_F_DUMP) { diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 0256b8a0a7cf..71de86698efa 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -2290,7 +2290,7 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) link = &xfrm_dispatch[type]; /* All operations require privileges, even GET */ - if (security_netlink_recv(skb, CAP_NET_ADMIN)) + if (!capable(CAP_NET_ADMIN)) return -EPERM; if ((type == (XFRM_MSG_GETSA - XFRM_MSG_BASE) || diff --git a/security/capability.c b/security/capability.c index 2984ea4f776f..a2c064d10448 100644 --- a/security/capability.c +++ b/security/capability.c @@ -999,7 +999,6 @@ void __init security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sem_semctl); set_to_cap_if_null(ops, sem_semop); set_to_cap_if_null(ops, netlink_send); - set_to_cap_if_null(ops, netlink_recv); set_to_cap_if_null(ops, d_instantiate); set_to_cap_if_null(ops, getprocattr); set_to_cap_if_null(ops, setprocattr); diff --git a/security/commoncap.c b/security/commoncap.c index 89f02ff66af9..7817a763444d 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -56,14 +56,6 @@ int cap_netlink_send(struct sock *sk, struct sk_buff *skb) return 0; } -int cap_netlink_recv(struct sk_buff *skb, int cap) -{ - if (!cap_raised(current_cap(), cap)) - return -EPERM; - return 0; -} -EXPORT_SYMBOL(cap_netlink_recv); - /** * cap_capable - Determine whether a task has a particular effective capability * @cred: The credentials to use diff --git a/security/security.c b/security/security.c index 8900c5c4db5c..85481a9c5632 100644 --- a/security/security.c +++ b/security/security.c @@ -922,12 +922,6 @@ int security_netlink_send(struct sock *sk, struct sk_buff *skb) return security_ops->netlink_send(sk, skb); } -int security_netlink_recv(struct sk_buff *skb, int cap) -{ - return security_ops->netlink_recv(skb, cap); -} -EXPORT_SYMBOL(security_netlink_recv); - int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) { return security_ops->secid_to_secctx(secid, secdata, seclen); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 14f94cd29c80..3e37d25a9bbe 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4713,24 +4713,6 @@ static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) return selinux_nlmsg_perm(sk, skb); } -static int selinux_netlink_recv(struct sk_buff *skb, int capability) -{ - int err; - struct common_audit_data ad; - u32 sid; - - err = cap_netlink_recv(skb, capability); - if (err) - return err; - - COMMON_AUDIT_DATA_INIT(&ad, CAP); - ad.u.cap = capability; - - security_task_getsecid(current, &sid); - return avc_has_perm(sid, sid, SECCLASS_CAPABILITY, - CAP_TO_MASK(capability), &ad); -} - static int ipc_alloc_security(struct task_struct *task, struct kern_ipc_perm *perm, u16 sclass) @@ -5459,7 +5441,6 @@ static struct security_operations selinux_ops = { .vm_enough_memory = selinux_vm_enough_memory, .netlink_send = selinux_netlink_send, - .netlink_recv = selinux_netlink_recv, .bprm_set_creds = selinux_bprm_set_creds, .bprm_committing_creds = selinux_bprm_committing_creds, -- cgit v1.2.3-70-g09d2 From cdcf116d44e78c7216ba9f8be9af1cdfca7af728 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Thu, 8 Dec 2011 10:51:53 -0500 Subject: switch security_path_chmod() to struct path * Signed-off-by: Al Viro --- fs/open.c | 2 +- include/linux/security.h | 10 +++------- security/apparmor/lsm.c | 7 +++---- security/capability.c | 3 +-- security/security.c | 7 +++---- security/tomoyo/tomoyo.c | 11 ++++------- 6 files changed, 15 insertions(+), 25 deletions(-) (limited to 'include/linux/security.h') diff --git a/fs/open.c b/fs/open.c index 2659f596f4c5..77becc041149 100644 --- a/fs/open.c +++ b/fs/open.c @@ -456,7 +456,7 @@ static int chmod_common(struct path *path, umode_t mode) if (error) return error; mutex_lock(&inode->i_mutex); - error = security_path_chmod(path->dentry, path->mnt, mode); + error = security_path_chmod(path, mode); if (error) goto out_unlock; newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO); diff --git a/include/linux/security.h b/include/linux/security.h index 535721cc374a..4298d2dbafa3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1435,8 +1435,7 @@ struct security_operations { struct dentry *new_dentry); int (*path_rename) (struct path *old_dir, struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry); - int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, - umode_t mode); + int (*path_chmod) (struct path *path, umode_t mode); int (*path_chown) (struct path *path, uid_t uid, gid_t gid); int (*path_chroot) (struct path *path); #endif @@ -2866,8 +2865,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry); int security_path_rename(struct path *old_dir, struct dentry *old_dentry, struct path *new_dir, struct dentry *new_dentry); -int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - umode_t mode); +int security_path_chmod(struct path *path, umode_t mode); int security_path_chown(struct path *path, uid_t uid, gid_t gid); int security_path_chroot(struct path *path); #else /* CONFIG_SECURITY_PATH */ @@ -2919,9 +2917,7 @@ static inline int security_path_rename(struct path *old_dir, return 0; } -static inline int security_path_chmod(struct dentry *dentry, - struct vfsmount *mnt, - umode_t mode) +static inline int security_path_chmod(struct path *path, umode_t mode) { return 0; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index c0a399ec1df9..2c0a0ff41399 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -344,13 +344,12 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, return error; } -static int apparmor_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - umode_t mode) +static int apparmor_path_chmod(struct path *path, umode_t mode) { - if (!mediated_filesystem(dentry->d_inode)) + if (!mediated_filesystem(path->dentry->d_inode)) return 0; - return common_perm_mnt_dentry(OP_CHMOD, mnt, dentry, AA_MAY_CHMOD); + return common_perm_mnt_dentry(OP_CHMOD, path->mnt, path->dentry, AA_MAY_CHMOD); } static int apparmor_path_chown(struct path *path, uid_t uid, gid_t gid) diff --git a/security/capability.c b/security/capability.c index 156816d451ba..3b5883b7179f 100644 --- a/security/capability.c +++ b/security/capability.c @@ -279,8 +279,7 @@ static int cap_path_truncate(struct path *path) return 0; } -static int cap_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - umode_t mode) +static int cap_path_chmod(struct path *path, umode_t mode) { return 0; } diff --git a/security/security.c b/security/security.c index 151152de1a0a..214502c772ab 100644 --- a/security/security.c +++ b/security/security.c @@ -454,12 +454,11 @@ int security_path_truncate(struct path *path) return security_ops->path_truncate(path); } -int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - umode_t mode) +int security_path_chmod(struct path *path, umode_t mode) { - if (unlikely(IS_PRIVATE(dentry->d_inode))) + if (unlikely(IS_PRIVATE(path->dentry->d_inode))) return 0; - return security_ops->path_chmod(dentry, mnt, mode); + return security_ops->path_chmod(path, mode); } int security_path_chown(struct path *path, uid_t uid, gid_t gid) diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 75c956a51e75..620d37c159a3 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -353,17 +353,14 @@ static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, /** * tomoyo_path_chmod - Target for security_path_chmod(). * - * @dentry: Pointer to "struct dentry". - * @mnt: Pointer to "struct vfsmount". - * @mode: DAC permission mode. + * @path: Pointer to "struct path". + * @mode: DAC permission mode. * * Returns 0 on success, negative value otherwise. */ -static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt, - umode_t mode) +static int tomoyo_path_chmod(struct path *path, umode_t mode) { - struct path path = { mnt, dentry }; - return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, &path, + return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, path, mode & S_IALLUGO); } -- cgit v1.2.3-70-g09d2