diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2012-08-21 12:26:45 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-09-26 21:09:58 -0400 |
commit | ee97cd872d08b8623076f2a63ffb872d0884411a (patch) | |
tree | 0eb578bbf88459dff4e04b0273531971c539c466 | |
parent | 8280d16172243702ed43432f826ca6130edb4086 (diff) | |
download | lwn-ee97cd872d08b8623076f2a63ffb872d0884411a.tar.gz lwn-ee97cd872d08b8623076f2a63ffb872d0884411a.zip |
switch flush_unauthorized_files() to replace_fd()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | security/selinux/hooks.c | 47 |
1 files changed, 15 insertions, 32 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6c77f63c7591..00b50113642d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2126,8 +2126,6 @@ static inline void flush_unauthorized_files(const struct cred *cred, spin_lock(&files->file_lock); for (;;) { unsigned long set, i; - int fd; - j++; i = j * BITS_PER_LONG; fdt = files_fdtable(files); @@ -2138,38 +2136,23 @@ static inline void flush_unauthorized_files(const struct cred *cred, continue; spin_unlock(&files->file_lock); for ( ; set ; i++, set >>= 1) { - if (set & 1) { - file = fget(i); - if (!file) - continue; - if (file_has_perm(cred, - file, - file_to_av(file))) { - sys_close(i); - fd = get_unused_fd(); - if (fd != i) { - if (fd >= 0) - put_unused_fd(fd); - fput(file); - continue; - } - if (devnull) { - get_file(devnull); - } else { - devnull = dentry_open( - &selinux_null, - O_RDWR, cred); - if (IS_ERR(devnull)) { - devnull = NULL; - put_unused_fd(fd); - fput(file); - continue; - } - } - fd_install(fd, devnull); + if (!(set & 1)) + continue; + file = fget(i); + if (!file) + continue; + if (file_has_perm(cred, file, file_to_av(file))) { + if (devnull) { + get_file(devnull); + } else { + devnull = dentry_open(&selinux_null, + O_RDWR, cred); + if (IS_ERR(devnull)) + devnull = NULL; } - fput(file); + replace_fd(i, devnull, 0); } + fput(file); } spin_lock(&files->file_lock); |