Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts: drivers/net/usb/qmi_wwan.c include/net/dst.h Trivial merge conflicts, both were overlapping changes. Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller
@@ -746,7 +746,6 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
|
||||
* @tclass: target security class
|
||||
* @requested: requested permissions, interpreted based on @tclass
|
||||
* @auditdata: auxiliary audit data
|
||||
* @flags: VFS walk flags
|
||||
*
|
||||
* Check the AVC to determine whether the @requested permissions are granted
|
||||
* for the SID pair (@ssid, @tsid), interpreting the permissions
|
||||
@@ -756,17 +755,15 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
|
||||
* permissions are granted, -%EACCES if any permissions are denied, or
|
||||
* another -errno upon other errors.
|
||||
*/
|
||||
int avc_has_perm_flags(u32 ssid, u32 tsid, u16 tclass,
|
||||
u32 requested, struct common_audit_data *auditdata,
|
||||
unsigned flags)
|
||||
int avc_has_perm(u32 ssid, u32 tsid, u16 tclass,
|
||||
u32 requested, struct common_audit_data *auditdata)
|
||||
{
|
||||
struct av_decision avd;
|
||||
int rc, rc2;
|
||||
|
||||
rc = avc_has_perm_noaudit(ssid, tsid, tclass, requested, 0, &avd);
|
||||
|
||||
rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata,
|
||||
flags);
|
||||
rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata);
|
||||
if (rc2)
|
||||
return rc2;
|
||||
return rc;
|
||||
|
||||
@@ -1502,7 +1502,7 @@ static int cred_has_capability(const struct cred *cred,
|
||||
|
||||
rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd);
|
||||
if (audit == SECURITY_CAP_AUDIT) {
|
||||
int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad, 0);
|
||||
int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad);
|
||||
if (rc2)
|
||||
return rc2;
|
||||
}
|
||||
@@ -1525,8 +1525,7 @@ static int task_has_system(struct task_struct *tsk,
|
||||
static int inode_has_perm(const struct cred *cred,
|
||||
struct inode *inode,
|
||||
u32 perms,
|
||||
struct common_audit_data *adp,
|
||||
unsigned flags)
|
||||
struct common_audit_data *adp)
|
||||
{
|
||||
struct inode_security_struct *isec;
|
||||
u32 sid;
|
||||
@@ -1539,7 +1538,7 @@ static int inode_has_perm(const struct cred *cred,
|
||||
sid = cred_sid(cred);
|
||||
isec = inode->i_security;
|
||||
|
||||
return avc_has_perm_flags(sid, isec->sid, isec->sclass, perms, adp, flags);
|
||||
return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp);
|
||||
}
|
||||
|
||||
/* Same as inode_has_perm, but pass explicit audit data containing
|
||||
@@ -1554,7 +1553,7 @@ static inline int dentry_has_perm(const struct cred *cred,
|
||||
|
||||
ad.type = LSM_AUDIT_DATA_DENTRY;
|
||||
ad.u.dentry = dentry;
|
||||
return inode_has_perm(cred, inode, av, &ad, 0);
|
||||
return inode_has_perm(cred, inode, av, &ad);
|
||||
}
|
||||
|
||||
/* Same as inode_has_perm, but pass explicit audit data containing
|
||||
@@ -1569,7 +1568,7 @@ static inline int path_has_perm(const struct cred *cred,
|
||||
|
||||
ad.type = LSM_AUDIT_DATA_PATH;
|
||||
ad.u.path = *path;
|
||||
return inode_has_perm(cred, inode, av, &ad, 0);
|
||||
return inode_has_perm(cred, inode, av, &ad);
|
||||
}
|
||||
|
||||
/* Same as path_has_perm, but uses the inode from the file struct. */
|
||||
@@ -1581,7 +1580,7 @@ static inline int file_path_has_perm(const struct cred *cred,
|
||||
|
||||
ad.type = LSM_AUDIT_DATA_PATH;
|
||||
ad.u.path = file->f_path;
|
||||
return inode_has_perm(cred, file_inode(file), av, &ad, 0);
|
||||
return inode_has_perm(cred, file_inode(file), av, &ad);
|
||||
}
|
||||
|
||||
/* Check whether a task can use an open file descriptor to
|
||||
@@ -1617,7 +1616,7 @@ static int file_has_perm(const struct cred *cred,
|
||||
/* av is zero if only checking access to the descriptor. */
|
||||
rc = 0;
|
||||
if (av)
|
||||
rc = inode_has_perm(cred, inode, av, &ad, 0);
|
||||
rc = inode_has_perm(cred, inode, av, &ad);
|
||||
|
||||
out:
|
||||
return rc;
|
||||
|
||||
@@ -130,7 +130,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
|
||||
u16 tclass, u32 requested,
|
||||
struct av_decision *avd,
|
||||
int result,
|
||||
struct common_audit_data *a, unsigned flags)
|
||||
struct common_audit_data *a)
|
||||
{
|
||||
u32 audited, denied;
|
||||
audited = avc_audit_required(requested, avd, result, 0, &denied);
|
||||
@@ -138,7 +138,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
|
||||
return 0;
|
||||
return slow_avc_audit(ssid, tsid, tclass,
|
||||
requested, audited, denied,
|
||||
a, flags);
|
||||
a, 0);
|
||||
}
|
||||
|
||||
#define AVC_STRICT 1 /* Ignore permissive mode. */
|
||||
@@ -147,17 +147,9 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
|
||||
unsigned flags,
|
||||
struct av_decision *avd);
|
||||
|
||||
int avc_has_perm_flags(u32 ssid, u32 tsid,
|
||||
u16 tclass, u32 requested,
|
||||
struct common_audit_data *auditdata,
|
||||
unsigned);
|
||||
|
||||
static inline int avc_has_perm(u32 ssid, u32 tsid,
|
||||
u16 tclass, u32 requested,
|
||||
struct common_audit_data *auditdata)
|
||||
{
|
||||
return avc_has_perm_flags(ssid, tsid, tclass, requested, auditdata, 0);
|
||||
}
|
||||
int avc_has_perm(u32 ssid, u32 tsid,
|
||||
u16 tclass, u32 requested,
|
||||
struct common_audit_data *auditdata);
|
||||
|
||||
u32 avc_policy_seqno(void);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user