* Matthew Wilcox (matthewat_private) wrote: > > - Remove third argument from file_lock security op. Whether the lock is > blocking or not cannot make any difference to a security module! > - Fix the call in sys_flock to pass the translated lock command, not the > original. > - Add a call in fcntl_setlease. If they're going to know about two types > of lock, let's tell them about the third too. Matthew, thanks for the patch. It is incomplete, however, as the code that uses this hook needs to be updated as well. Linus, the patch below is relative to Matthew Wilcox's patch, and adjusts the superuser and capability modules according to the change in the interface. --- 2.5.29-flock/security/dummy.c Mon Jul 22 14:44:49 2002 +++ 2.5.29/security/dummy.c Mon Jul 29 16:54:52 2002 @@ -366,7 +366,7 @@ return 0; } -static int dummy_file_lock (struct file *file, unsigned int cmd, int blocking) +static int dummy_file_lock (struct file *file, unsigned int cmd) { return 0; } --- 2.5.29-flock/security/capability.c Mon Jul 22 14:17:37 2002 +++ 2.5.29/security/capability.c Mon Jul 29 16:54:28 2002 @@ -464,7 +464,7 @@ return 0; } -static int cap_file_lock (struct file *file, unsigned int cmd, int blocking) +static int cap_file_lock (struct file *file, unsigned int cmd) { return 0; } thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Jul 29 2002 - 17:00:49 PDT