VFS: security/: d_backing_inode() annotations
authorDavid Howells <dhowells@redhat.com>
Tue, 17 Mar 2015 22:26:22 +0000 (22:26 +0000)
committerAl Viro <viro@zeniv.linux.org.uk>
Wed, 15 Apr 2015 19:06:56 +0000 (15:06 -0400)
most of the ->d_inode uses there refer to the same inode IO would
go to, i.e. d_backing_inode()

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
12 files changed:
security/apparmor/file.c
security/apparmor/lsm.c
security/commoncap.c
security/integrity/evm/evm_crypto.c
security/integrity/evm/evm_main.c
security/integrity/ima/ima_appraise.c
security/lsm_audit.c
security/security.c
security/selinux/hooks.c
security/smack/smack_lsm.c
security/tomoyo/condition.c
security/tomoyo/realpath.c

index fdaa50cb1876e2ac5a1cae2d54d74794db5f2f65..913f377a038a672f8cdc07c0aaa23721b47321b2 100644 (file)
@@ -259,7 +259,7 @@ unsigned int aa_str_perms(struct aa_dfa *dfa, unsigned int start,
  */
 static inline bool is_deleted(struct dentry *dentry)
 {
-       if (d_unlinked(dentry) && dentry->d_inode->i_nlink == 0)
+       if (d_unlinked(dentry) && d_backing_inode(dentry)->i_nlink == 0)
                return 1;
        return 0;
 }
@@ -351,8 +351,8 @@ int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry,
        struct path link = { new_dir->mnt, new_dentry };
        struct path target = { new_dir->mnt, old_dentry };
        struct path_cond cond = {
-               old_dentry->d_inode->i_uid,
-               old_dentry->d_inode->i_mode
+               d_backing_inode(old_dentry)->i_uid,
+               d_backing_inode(old_dentry)->i_mode
        };
        char *buffer = NULL, *buffer2 = NULL;
        const char *lname, *tname = NULL, *info = NULL;
index dd56bffd6500e078b4aa7d4b64c8e04c91802541..e5f1561439dbe016bcaaf4c7ffe00516e0550b8d 100644 (file)
@@ -204,8 +204,8 @@ static int common_perm_mnt_dentry(int op, struct vfsmount *mnt,
                                  struct dentry *dentry, u32 mask)
 {
        struct path path = { mnt, dentry };
-       struct path_cond cond = { dentry->d_inode->i_uid,
-                                 dentry->d_inode->i_mode
+       struct path_cond cond = { d_backing_inode(dentry)->i_uid,
+                                 d_backing_inode(dentry)->i_mode
        };
 
        return common_perm(op, &path, mask, &cond);
@@ -223,7 +223,7 @@ static int common_perm_mnt_dentry(int op, struct vfsmount *mnt,
 static int common_perm_rm(int op, struct path *dir,
                          struct dentry *dentry, u32 mask)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct path_cond cond = { };
 
        if (!inode || !dir->mnt || !mediated_filesystem(dentry))
@@ -281,8 +281,8 @@ static int apparmor_path_mknod(struct path *dir, struct dentry *dentry,
 
 static int apparmor_path_truncate(struct path *path)
 {
-       struct path_cond cond = { path->dentry->d_inode->i_uid,
-                                 path->dentry->d_inode->i_mode
+       struct path_cond cond = { d_backing_inode(path->dentry)->i_uid,
+                                 d_backing_inode(path->dentry)->i_mode
        };
 
        if (!path->mnt || !mediated_filesystem(path->dentry))
@@ -327,8 +327,8 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry,
        if (!unconfined(profile)) {
                struct path old_path = { old_dir->mnt, old_dentry };
                struct path new_path = { new_dir->mnt, new_dentry };
-               struct path_cond cond = { old_dentry->d_inode->i_uid,
-                                         old_dentry->d_inode->i_mode
+               struct path_cond cond = { d_backing_inode(old_dentry)->i_uid,
+                                         d_backing_inode(old_dentry)->i_mode
                };
 
                error = aa_path_perm(OP_RENAME_SRC, profile, &old_path, 0,
@@ -354,8 +354,8 @@ static int apparmor_path_chmod(struct path *path, umode_t mode)
 
 static int apparmor_path_chown(struct path *path, kuid_t uid, kgid_t gid)
 {
-       struct path_cond cond =  { path->dentry->d_inode->i_uid,
-                                  path->dentry->d_inode->i_mode
+       struct path_cond cond =  { d_backing_inode(path->dentry)->i_uid,
+                                  d_backing_inode(path->dentry)->i_mode
        };
 
        if (!mediated_filesystem(path->dentry))
index f66713bd7450a7e522fd29faa543eb1171885a18..f2875cd9f67775828c01557c513b464705e70653 100644 (file)
@@ -297,7 +297,7 @@ static inline void bprm_clear_caps(struct linux_binprm *bprm)
  */
 int cap_inode_need_killpriv(struct dentry *dentry)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        int error;
 
        if (!inode->i_op->getxattr)
@@ -319,7 +319,7 @@ int cap_inode_need_killpriv(struct dentry *dentry)
  */
 int cap_inode_killpriv(struct dentry *dentry)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
 
        if (!inode->i_op->removexattr)
               return 0;
@@ -375,7 +375,7 @@ static inline int bprm_caps_from_vfs_caps(struct cpu_vfs_cap_data *caps,
  */
 int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        __u32 magic_etc;
        unsigned tocopy, i;
        int size;
index 5e9687f02e1b14e56e56d3a303afbef23ea79dca..159ef3ea41308dbb2ef44e2c491d44083c27d72f 100644 (file)
@@ -131,7 +131,7 @@ static int evm_calc_hmac_or_hash(struct dentry *dentry,
                                size_t req_xattr_value_len,
                                char type, char *digest)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct shash_desc *desc;
        char **xattrname;
        size_t xattr_size = 0;
@@ -199,7 +199,7 @@ int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
 int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name,
                        const char *xattr_value, size_t xattr_value_len)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct evm_ima_xattr_data xattr_data;
        int rc = 0;
 
index f589c9a05da29f6bf40cfd903858ee1569791c41..10f994307a04ec0473fef1795a4b8b0cca3755e3 100644 (file)
@@ -72,7 +72,7 @@ static void __init evm_init_config(void)
 
 static int evm_find_protected_xattrs(struct dentry *dentry)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        char **xattr;
        int error;
        int count = 0;
@@ -165,8 +165,8 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
                        /* Replace RSA with HMAC if not mounted readonly and
                         * not immutable
                         */
-                       if (!IS_RDONLY(dentry->d_inode) &&
-                           !IS_IMMUTABLE(dentry->d_inode))
+                       if (!IS_RDONLY(d_backing_inode(dentry)) &&
+                           !IS_IMMUTABLE(d_backing_inode(dentry)))
                                evm_update_evmxattr(dentry, xattr_name,
                                                    xattr_value,
                                                    xattr_value_len);
@@ -235,7 +235,7 @@ enum integrity_status evm_verifyxattr(struct dentry *dentry,
                return INTEGRITY_UNKNOWN;
 
        if (!iint) {
-               iint = integrity_iint_find(dentry->d_inode);
+               iint = integrity_iint_find(d_backing_inode(dentry));
                if (!iint)
                        return INTEGRITY_UNKNOWN;
        }
@@ -253,7 +253,7 @@ EXPORT_SYMBOL_GPL(evm_verifyxattr);
  */
 static enum integrity_status evm_verify_current_integrity(struct dentry *dentry)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
 
        if (!evm_initialized || !S_ISREG(inode->i_mode) || evm_fixmode)
                return 0;
@@ -293,13 +293,13 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name,
        if (evm_status == INTEGRITY_NOXATTRS) {
                struct integrity_iint_cache *iint;
 
-               iint = integrity_iint_find(dentry->d_inode);
+               iint = integrity_iint_find(d_backing_inode(dentry));
                if (iint && (iint->flags & IMA_NEW_FILE))
                        return 0;
        }
 out:
        if (evm_status != INTEGRITY_PASS)
-               integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
+               integrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry),
                                    dentry->d_name.name, "appraise_metadata",
                                    integrity_status_msg[evm_status],
                                    -EPERM, 0);
@@ -379,7 +379,7 @@ void evm_inode_post_setxattr(struct dentry *dentry, const char *xattr_name,
  */
 void evm_inode_post_removexattr(struct dentry *dentry, const char *xattr_name)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
 
        if (!evm_initialized || !evm_protected_xattr(xattr_name))
                return;
@@ -404,7 +404,7 @@ int evm_inode_setattr(struct dentry *dentry, struct iattr *attr)
        if ((evm_status == INTEGRITY_PASS) ||
            (evm_status == INTEGRITY_NOXATTRS))
                return 0;
-       integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
+       integrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry),
                            dentry->d_name.name, "appraise_metadata",
                            integrity_status_msg[evm_status], -EPERM, 0);
        return -EPERM;
index fffcdb0b31f0dfc139ea15079bfb1f89d1b739a1..4df493e4b3c9108e1c37e00397a4c4c56809c4da 100644 (file)
@@ -165,7 +165,7 @@ void ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value, int xattr_len,
 int ima_read_xattr(struct dentry *dentry,
                   struct evm_ima_xattr_data **xattr_value)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
 
        if (!inode->i_op->getxattr)
                return 0;
@@ -190,7 +190,7 @@ int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
        static const char op[] = "appraise_data";
        char *cause = "unknown";
        struct dentry *dentry = file->f_path.dentry;
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        enum integrity_status status = INTEGRITY_UNKNOWN;
        int rc = xattr_len, hash_start = 0;
 
@@ -314,7 +314,7 @@ void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file)
  */
 void ima_inode_post_setattr(struct dentry *dentry)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct integrity_iint_cache *iint;
        int must_appraise, rc;
 
@@ -380,7 +380,7 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
        if (result == 1) {
                if (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST))
                        return -EINVAL;
-               ima_reset_appraise_flags(dentry->d_inode,
+               ima_reset_appraise_flags(d_backing_inode(dentry),
                         (xvalue->type == EVM_IMA_XATTR_DIGSIG) ? 1 : 0);
                result = 0;
        }
@@ -393,7 +393,7 @@ int ima_inode_removexattr(struct dentry *dentry, const char *xattr_name)
 
        result = ima_protect_xattr(dentry, xattr_name, NULL, 0);
        if (result == 1) {
-               ima_reset_appraise_flags(dentry->d_inode, 0);
+               ima_reset_appraise_flags(d_backing_inode(dentry), 0);
                result = 0;
        }
        return result;
index 69fdf3bc765b3e1deddb374dfa27908fc05df851..3b27e9928238790b24c6171841278afb219e42ce 100644 (file)
@@ -237,7 +237,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 
                audit_log_d_path(ab, " path=", &a->u.path);
 
-               inode = a->u.path.dentry->d_inode;
+               inode = d_backing_inode(a->u.path.dentry);
                if (inode) {
                        audit_log_format(ab, " dev=");
                        audit_log_untrustedstring(ab, inode->i_sb->s_id);
@@ -251,7 +251,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
                audit_log_format(ab, " name=");
                audit_log_untrustedstring(ab, a->u.dentry->d_name.name);
 
-               inode = a->u.dentry->d_inode;
+               inode = d_backing_inode(a->u.dentry);
                if (inode) {
                        audit_log_format(ab, " dev=");
                        audit_log_untrustedstring(ab, inode->i_sb->s_id);
index 730ac65a573722238142ad0d978abc26f87287cd..8e9b1f4b9b45dfac98287fe969b869a3a29fb2bc 100644 (file)
@@ -410,7 +410,7 @@ EXPORT_SYMBOL(security_old_inode_init_security);
 int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode,
                        unsigned int dev)
 {
-       if (unlikely(IS_PRIVATE(dir->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
                return 0;
        return security_ops->path_mknod(dir, dentry, mode, dev);
 }
@@ -418,7 +418,7 @@ EXPORT_SYMBOL(security_path_mknod);
 
 int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode)
 {
-       if (unlikely(IS_PRIVATE(dir->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
                return 0;
        return security_ops->path_mkdir(dir, dentry, mode);
 }
@@ -426,14 +426,14 @@ EXPORT_SYMBOL(security_path_mkdir);
 
 int security_path_rmdir(struct path *dir, struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dir->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
                return 0;
        return security_ops->path_rmdir(dir, dentry);
 }
 
 int security_path_unlink(struct path *dir, struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dir->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
                return 0;
        return security_ops->path_unlink(dir, dentry);
 }
@@ -442,7 +442,7 @@ EXPORT_SYMBOL(security_path_unlink);
 int security_path_symlink(struct path *dir, struct dentry *dentry,
                          const char *old_name)
 {
-       if (unlikely(IS_PRIVATE(dir->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
                return 0;
        return security_ops->path_symlink(dir, dentry, old_name);
 }
@@ -450,7 +450,7 @@ int security_path_symlink(struct path *dir, struct dentry *dentry,
 int security_path_link(struct dentry *old_dentry, struct path *new_dir,
                       struct dentry *new_dentry)
 {
-       if (unlikely(IS_PRIVATE(old_dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry))))
                return 0;
        return security_ops->path_link(old_dentry, new_dir, new_dentry);
 }
@@ -459,8 +459,8 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
                         struct path *new_dir, struct dentry *new_dentry,
                         unsigned int flags)
 {
-       if (unlikely(IS_PRIVATE(old_dentry->d_inode) ||
-                    (new_dentry->d_inode && IS_PRIVATE(new_dentry->d_inode))))
+       if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
+                    (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
                return 0;
 
        if (flags & RENAME_EXCHANGE) {
@@ -477,21 +477,21 @@ EXPORT_SYMBOL(security_path_rename);
 
 int security_path_truncate(struct path *path)
 {
-       if (unlikely(IS_PRIVATE(path->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
                return 0;
        return security_ops->path_truncate(path);
 }
 
 int security_path_chmod(struct path *path, umode_t mode)
 {
-       if (unlikely(IS_PRIVATE(path->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
                return 0;
        return security_ops->path_chmod(path, mode);
 }
 
 int security_path_chown(struct path *path, kuid_t uid, kgid_t gid)
 {
-       if (unlikely(IS_PRIVATE(path->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
                return 0;
        return security_ops->path_chown(path, uid, gid);
 }
@@ -513,14 +513,14 @@ EXPORT_SYMBOL_GPL(security_inode_create);
 int security_inode_link(struct dentry *old_dentry, struct inode *dir,
                         struct dentry *new_dentry)
 {
-       if (unlikely(IS_PRIVATE(old_dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry))))
                return 0;
        return security_ops->inode_link(old_dentry, dir, new_dentry);
 }
 
 int security_inode_unlink(struct inode *dir, struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_unlink(dir, dentry);
 }
@@ -543,7 +543,7 @@ EXPORT_SYMBOL_GPL(security_inode_mkdir);
 
 int security_inode_rmdir(struct inode *dir, struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_rmdir(dir, dentry);
 }
@@ -559,8 +559,8 @@ int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
                           struct inode *new_dir, struct dentry *new_dentry,
                           unsigned int flags)
 {
-        if (unlikely(IS_PRIVATE(old_dentry->d_inode) ||
-            (new_dentry->d_inode && IS_PRIVATE(new_dentry->d_inode))))
+        if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
+            (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
                return 0;
 
        if (flags & RENAME_EXCHANGE) {
@@ -576,14 +576,14 @@ int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
 
 int security_inode_readlink(struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_readlink(dentry);
 }
 
 int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_follow_link(dentry, nd);
 }
@@ -599,7 +599,7 @@ int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
 {
        int ret;
 
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        ret = security_ops->inode_setattr(dentry, attr);
        if (ret)
@@ -610,7 +610,7 @@ EXPORT_SYMBOL_GPL(security_inode_setattr);
 
 int security_inode_getattr(const struct path *path)
 {
-       if (unlikely(IS_PRIVATE(path->dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))
                return 0;
        return security_ops->inode_getattr(path);
 }
@@ -620,7 +620,7 @@ int security_inode_setxattr(struct dentry *dentry, const char *name,
 {
        int ret;
 
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        ret = security_ops->inode_setxattr(dentry, name, value, size, flags);
        if (ret)
@@ -634,7 +634,7 @@ int security_inode_setxattr(struct dentry *dentry, const char *name,
 void security_inode_post_setxattr(struct dentry *dentry, const char *name,
                                  const void *value, size_t size, int flags)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return;
        security_ops->inode_post_setxattr(dentry, name, value, size, flags);
        evm_inode_post_setxattr(dentry, name, value, size);
@@ -642,14 +642,14 @@ void security_inode_post_setxattr(struct dentry *dentry, const char *name,
 
 int security_inode_getxattr(struct dentry *dentry, const char *name)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_getxattr(dentry, name);
 }
 
 int security_inode_listxattr(struct dentry *dentry)
 {
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        return security_ops->inode_listxattr(dentry);
 }
@@ -658,7 +658,7 @@ int security_inode_removexattr(struct dentry *dentry, const char *name)
 {
        int ret;
 
-       if (unlikely(IS_PRIVATE(dentry->d_inode)))
+       if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
                return 0;
        ret = security_ops->inode_removexattr(dentry, name);
        if (ret)
index c318b304ee2f5be7001d6e26e30811bbbbd83859..7dade28affba5a0ebc0944be49dbd59dbf5c8761 100644 (file)
@@ -414,7 +414,7 @@ static int sb_finish_set_opts(struct super_block *sb)
 {
        struct superblock_security_struct *sbsec = sb->s_security;
        struct dentry *root = sb->s_root;
-       struct inode *root_inode = root->d_inode;
+       struct inode *root_inode = d_backing_inode(root);
        int rc = 0;
 
        if (sbsec->behavior == SECURITY_FS_USE_XATTR) {
@@ -552,7 +552,7 @@ static int selinux_get_mnt_opts(const struct super_block *sb,
                opts->mnt_opts_flags[i++] = DEFCONTEXT_MNT;
        }
        if (sbsec->flags & ROOTCONTEXT_MNT) {
-               struct inode *root = sbsec->sb->s_root->d_inode;
+               struct inode *root = d_backing_inode(sbsec->sb->s_root);
                struct inode_security_struct *isec = root->i_security;
 
                rc = security_sid_to_context(isec->sid, &context, &len);
@@ -608,7 +608,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
        int rc = 0, i;
        struct superblock_security_struct *sbsec = sb->s_security;
        const char *name = sb->s_type->name;
-       struct inode *inode = sbsec->sb->s_root->d_inode;
+       struct inode *inode = d_backing_inode(sbsec->sb->s_root);
        struct inode_security_struct *root_isec = inode->i_security;
        u32 fscontext_sid = 0, context_sid = 0, rootcontext_sid = 0;
        u32 defcontext_sid = 0;
@@ -835,8 +835,8 @@ static int selinux_cmp_sb_context(const struct super_block *oldsb,
        if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid)
                goto mismatch;
        if (oldflags & ROOTCONTEXT_MNT) {
-               struct inode_security_struct *oldroot = oldsb->s_root->d_inode->i_security;
-               struct inode_security_struct *newroot = newsb->s_root->d_inode->i_security;
+               struct inode_security_struct *oldroot = d_backing_inode(oldsb->s_root)->i_security;
+               struct inode_security_struct *newroot = d_backing_inode(newsb->s_root)->i_security;
                if (oldroot->sid != newroot->sid)
                        goto mismatch;
        }
@@ -886,16 +886,16 @@ static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb,
                if (!set_fscontext)
                        newsbsec->sid = sid;
                if (!set_rootcontext) {
-                       struct inode *newinode = newsb->s_root->d_inode;
+                       struct inode *newinode = d_backing_inode(newsb->s_root);
                        struct inode_security_struct *newisec = newinode->i_security;
                        newisec->sid = sid;
                }
                newsbsec->mntpoint_sid = sid;
        }
        if (set_rootcontext) {
-               const struct inode *oldinode = oldsb->s_root->d_inode;
+               const struct inode *oldinode = d_backing_inode(oldsb->s_root);
                const struct inode_security_struct *oldisec = oldinode->i_security;
-               struct inode *newinode = newsb->s_root->d_inode;
+               struct inode *newinode = d_backing_inode(newsb->s_root);
                struct inode_security_struct *newisec = newinode->i_security;
 
                newisec->sid = oldisec->sid;
@@ -1610,7 +1610,7 @@ static inline int dentry_has_perm(const struct cred *cred,
                                  struct dentry *dentry,
                                  u32 av)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct common_audit_data ad;
 
        ad.type = LSM_AUDIT_DATA_DENTRY;
@@ -1625,7 +1625,7 @@ static inline int path_has_perm(const struct cred *cred,
                                const struct path *path,
                                u32 av)
 {
-       struct inode *inode = path->dentry->d_inode;
+       struct inode *inode = d_backing_inode(path->dentry);
        struct common_audit_data ad;
 
        ad.type = LSM_AUDIT_DATA_PATH;
@@ -1753,7 +1753,7 @@ static int may_link(struct inode *dir,
        int rc;
 
        dsec = dir->i_security;
-       isec = dentry->d_inode->i_security;
+       isec = d_backing_inode(dentry)->i_security;
 
        ad.type = LSM_AUDIT_DATA_DENTRY;
        ad.u.dentry = dentry;
@@ -1797,7 +1797,7 @@ static inline int may_rename(struct inode *old_dir,
        int rc;
 
        old_dsec = old_dir->i_security;
-       old_isec = old_dentry->d_inode->i_security;
+       old_isec = d_backing_inode(old_dentry)->i_security;
        old_is_dir = d_is_dir(old_dentry);
        new_dsec = new_dir->i_security;
 
@@ -1827,7 +1827,7 @@ static inline int may_rename(struct inode *old_dir,
        if (rc)
                return rc;
        if (d_is_positive(new_dentry)) {
-               new_isec = new_dentry->d_inode->i_security;
+               new_isec = d_backing_inode(new_dentry)->i_security;
                new_is_dir = d_is_dir(new_dentry);
                rc = avc_has_perm(sid, new_isec->sid,
                                  new_isec->sclass,
@@ -1963,7 +1963,7 @@ static int selinux_binder_transfer_file(struct task_struct *from,
 {
        u32 sid = task_sid(to);
        struct file_security_struct *fsec = file->f_security;
-       struct inode *inode = file->f_path.dentry->d_inode;
+       struct inode *inode = d_backing_inode(file->f_path.dentry);
        struct inode_security_struct *isec = inode->i_security;
        struct common_audit_data ad;
        int rc;
@@ -2627,7 +2627,7 @@ static int selinux_sb_remount(struct super_block *sb, void *data)
                        break;
                case ROOTCONTEXT_MNT: {
                        struct inode_security_struct *root_isec;
-                       root_isec = sb->s_root->d_inode->i_security;
+                       root_isec = d_backing_inode(sb->s_root)->i_security;
 
                        if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid))
                                goto out_bad_option;
@@ -2727,7 +2727,7 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode,
        struct task_security_struct *tsec;
        struct inode_security_struct *dsec;
        struct superblock_security_struct *sbsec;
-       struct inode *dir = dentry->d_parent->d_inode;
+       struct inode *dir = d_backing_inode(dentry->d_parent);
        u32 newsid;
        int rc;
 
@@ -2982,7 +2982,7 @@ static int selinux_inode_setotherxattr(struct dentry *dentry, const char *name)
 static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
                                  const void *value, size_t size, int flags)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct inode_security_struct *isec = inode->i_security;
        struct superblock_security_struct *sbsec;
        struct common_audit_data ad;
@@ -3059,7 +3059,7 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name,
                                        const void *value, size_t size,
                                        int flags)
 {
-       struct inode *inode = dentry->d_inode;
+       struct inode *inode = d_backing_inode(dentry);
        struct inode_security_struct *isec = inode->i_security;
        u32 newsid;
        int rc;
index 1511965549b8232fdd4d3469166023c2d140f908..14b316f60fc5f0d9859546278ed35fe7def3092b 100644 (file)
@@ -555,7 +555,7 @@ static int smack_sb_copy_data(char *orig, char *smackopts)
 static int smack_sb_kern_mount(struct super_block *sb, int flags, void *data)
 {
        struct dentry *root = sb->s_root;
-       struct inode *inode = root->d_inode;
+       struct inode *inode = d_backing_inode(root);
        struct superblock_smack *sp = sb->s_security;
        struct inode_smack *isp;
        struct smack_known *skp;
@@ -851,15 +851,15 @@ static int smack_inode_link(struct dentry *old_dentry, struct inode *dir,
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
        smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
 
-       isp = smk_of_inode(old_dentry->d_inode);
+       isp = smk_of_inode(d_backing_inode(old_dentry));
        rc = smk_curacc(isp, MAY_WRITE, &ad);
-       rc = smk_bu_inode(old_dentry->d_inode, MAY_WRITE, rc);
+       rc = smk_bu_inode(d_backing_inode(old_dentry), MAY_WRITE, rc);
 
        if (rc == 0 && d_is_positive(new_dentry)) {
-               isp = smk_of_inode(new_dentry->d_inode);
+               isp = smk_of_inode(d_backing_inode(new_dentry));
                smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
                rc = smk_curacc(isp, MAY_WRITE, &ad);
-               rc = smk_bu_inode(new_dentry->d_inode, MAY_WRITE, rc);
+               rc = smk_bu_inode(d_backing_inode(new_dentry), MAY_WRITE, rc);
        }
 
        return rc;
@@ -875,7 +875,7 @@ static int smack_inode_link(struct dentry *old_dentry, struct inode *dir,
  */
 static int smack_inode_unlink(struct inode *dir, struct dentry *dentry)
 {
-       struct inode *ip = dentry->d_inode;
+       struct inode *ip = d_backing_inode(dentry);
        struct smk_audit_info ad;
        int rc;
 
@@ -918,8 +918,8 @@ static int smack_inode_rmdir(struct inode *dir, struct dentry *dentry)
        /*
         * You need write access to the thing you're removing
         */
-       rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
-       rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+       rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
+       rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
        if (rc == 0) {
                /*
                 * You also need write access to the containing directory
@@ -957,15 +957,15 @@ static int smack_inode_rename(struct inode *old_inode,
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
        smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
 
-       isp = smk_of_inode(old_dentry->d_inode);
+       isp = smk_of_inode(d_backing_inode(old_dentry));
        rc = smk_curacc(isp, MAY_READWRITE, &ad);
-       rc = smk_bu_inode(old_dentry->d_inode, MAY_READWRITE, rc);
+       rc = smk_bu_inode(d_backing_inode(old_dentry), MAY_READWRITE, rc);
 
        if (rc == 0 && d_is_positive(new_dentry)) {
-               isp = smk_of_inode(new_dentry->d_inode);
+               isp = smk_of_inode(d_backing_inode(new_dentry));
                smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
                rc = smk_curacc(isp, MAY_READWRITE, &ad);
-               rc = smk_bu_inode(new_dentry->d_inode, MAY_READWRITE, rc);
+               rc = smk_bu_inode(d_backing_inode(new_dentry), MAY_READWRITE, rc);
        }
        return rc;
 }
@@ -1022,8 +1022,8 @@ static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
        smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
 
-       rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
-       rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+       rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
+       rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
        return rc;
 }
 
@@ -1037,7 +1037,7 @@ static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
 static int smack_inode_getattr(const struct path *path)
 {
        struct smk_audit_info ad;
-       struct inode *inode = path->dentry->d_inode;
+       struct inode *inode = d_backing_inode(path->dentry);
        int rc;
 
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
@@ -1104,8 +1104,8 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name,
        smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
 
        if (rc == 0) {
-               rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
-               rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+               rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
+               rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
        }
 
        return rc;
@@ -1126,7 +1126,7 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
                                      const void *value, size_t size, int flags)
 {
        struct smack_known *skp;
-       struct inode_smack *isp = dentry->d_inode->i_security;
+       struct inode_smack *isp = d_backing_inode(dentry)->i_security;
 
        if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
                isp->smk_flags |= SMK_INODE_TRANSMUTE;
@@ -1171,8 +1171,8 @@ static int smack_inode_getxattr(struct dentry *dentry, const char *name)
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
        smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
 
-       rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad);
-       rc = smk_bu_inode(dentry->d_inode, MAY_READ, rc);
+       rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_READ, &ad);
+       rc = smk_bu_inode(d_backing_inode(dentry), MAY_READ, rc);
        return rc;
 }
 
@@ -1208,12 +1208,12 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name)
        smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
        smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
 
-       rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
-       rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+       rc = smk_curacc(smk_of_inode(d_backing_inode(dentry)), MAY_WRITE, &ad);
+       rc = smk_bu_inode(d_backing_inode(dentry), MAY_WRITE, rc);
        if (rc != 0)
                return rc;
 
-       isp = dentry->d_inode->i_security;
+       isp = d_backing_inode(dentry)->i_security;
        /*
         * Don't do anything special for these.
         *      XATTR_NAME_SMACKIPIN
index 63681e8be62868cb69e691619d9aa4068babb3f8..6c4528d4b48f8b5cdfaad0b072fc7afe6f17e1ff 100644 (file)
@@ -714,7 +714,7 @@ void tomoyo_get_attributes(struct tomoyo_obj_info *obj)
                        dentry = dget_parent(dentry);
                        break;
                }
-               inode = dentry->d_inode;
+               inode = d_backing_inode(dentry);
                if (inode) {
                        struct tomoyo_mini_stat *stat = &obj->stat[i];
                        stat->uid  = inode->i_uid;
index 1e0d480ff6a6b653cce9c4af266f5a8420a58c52..5077f1968841ab5717b88da5b965efa344961272 100644 (file)
@@ -97,7 +97,7 @@ static char *tomoyo_get_absolute_path(const struct path *path, char * const buff
                /* go to whatever namespace root we are under */
                pos = d_absolute_path(path, buffer, buflen - 1);
                if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
-                       struct inode *inode = path->dentry->d_inode;
+                       struct inode *inode = d_backing_inode(path->dentry);
                        if (inode && S_ISDIR(inode->i_mode)) {
                                buffer[buflen - 2] = '/';
                                buffer[buflen - 1] = '\0';
@@ -125,7 +125,7 @@ static char *tomoyo_get_dentry_path(struct dentry *dentry, char * const buffer,
        if (buflen >= 256) {
                pos = dentry_path_raw(dentry, buffer, buflen - 1);
                if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
-                       struct inode *inode = dentry->d_inode;
+                       struct inode *inode = d_backing_inode(dentry);
                        if (inode && S_ISDIR(inode->i_mode)) {
                                buffer[buflen - 2] = '/';
                                buffer[buflen - 1] = '\0';
@@ -168,7 +168,7 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer,
        if (!MAJOR(sb->s_dev))
                goto prepend_filesystem_name;
        {
-               struct inode *inode = sb->s_root->d_inode;
+               struct inode *inode = d_backing_inode(sb->s_root);
                /*
                 * Use filesystem name if filesystem does not support rename()
                 * operation.
@@ -219,7 +219,7 @@ out:
 static char *tomoyo_get_socket_name(const struct path *path, char * const buffer,
                                    const int buflen)
 {
-       struct inode *inode = path->dentry->d_inode;
+       struct inode *inode = d_backing_inode(path->dentry);
        struct socket *sock = inode ? SOCKET_I(inode) : NULL;
        struct sock *sk = sock ? sock->sk : NULL;
        if (sk) {
@@ -277,7 +277,7 @@ char *tomoyo_realpath_from_path(const struct path *path)
                        pos = dentry->d_op->d_dname(dentry, buf, buf_len - 1);
                        goto encode;
                }
-               inode = sb->s_root->d_inode;
+               inode = d_backing_inode(sb->s_root);
                /*
                 * Get local name for filesystems without rename() operation
                 * or dentry without vfsmount.