On Thu, 2003-09-04 at 08:28, Stephen Smalley wrote:
> On Wed, 2003-09-03 at 17:23, Chris Wright wrote:
> > int inode_permission(struct nameidata *nd, int mask);
>
> The nameidata isn't always available from the callers, and NULL may be
> passed, so you will still want to pass the inode as well. Security
> modules will still need to provide logic to handle the case where nd is
> NULL.

So, as an example, if the nameidata were added as a third parameter to the inode_permission hook call, then the SELinux hook function would likely be changed as shown below. This would benefit SELinux, not for access checking, but in its ability to generate pathnames for audit messages.

--- linux-2.6/security/selinux/hooks.c 2 Sep 2003 16:24:00 -0000 1.72 +++ linux-2.6/security/selinux/hooks.c 4 Sep 2003 16:02:14 -0000 @@ -1728,12 +1728,17 @@ return dentry_has_perm(current, NULL, dentry, FILE__READ); } -static int selinux_inode_permission(struct inode *inode, int mask) +static int selinux_inode_permission(struct inode *inode, int mask, + struct nameidata *nd) { if (!mask) { /* No permission to check. Existence test. */ return 0; } + + if (nd && nd->dentry) + return dentry_has_perm(current, nd->mnt, nd->dentry, + file_mask_to_av(inode->i_mode, mask)); return inode_has_perm(current, inode, file_mask_to_av(inode->i_mode, mask), NULL, NULL);

--
Stephen Smalley <sdsat_private>
National Security Agency
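Review bot: the new branch `if (nd && nd->dentry)` trusts that nd->dentry is the dentry of the `inode` argument without checking it; if a caller ever passes a nameidata that does not correspond to `inode`, the permission decision and the audited pathname would describe two different objects. Suggest asserting, or at least documenting in a comment, that `nd->dentry->d_inode == inode` is an invariant this hook relies on. Minor: `file_mask_to_av(inode->i_mode, mask)` is now computed in both the dentry_has_perm and inode_has_perm paths; hoisting it into a local before the branch keeps the two from drifting. The fall-through to inode_has_perm when nd is NULL does cover the NULL-nameidata case the quoted mail calls out.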
This archive was generated by hypermail 2b30 : Thu Sep 04 2003 - 09:08:53 PDT