diff options
author | Ahmed S. Darwish <darwish.07@gmail.com> | 2008-03-24 12:29:49 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-03-24 19:22:19 -0700 |
commit | cb622bbb69e41f2746aadf5d7d527e77597abe2e (patch) | |
tree | 537a1ce6f76bd915bf9acd197d6bf4d042063998 /security/smack | |
parent | 58336114af4d2cce830201aae49e50b93ede6c5c (diff) | |
download | op-kernel-dev-cb622bbb69e41f2746aadf5d7d527e77597abe2e.zip op-kernel-dev-cb622bbb69e41f2746aadf5d7d527e77597abe2e.tar.gz |
smackfs: remove redundant lock, fix open(,O_RDWR)
Older smackfs was parsing MAC rules by characters, thus a need of locking
write sessions on open() was needed. This lock is no longer useful now since
each rule is handled by a single write() call.
This is also a bugfix since seq_open() was not called if an open() O_RDWR flag
was given, leading to a seq_read() without an initialized seq_file, thus an
Oops.
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Reported-by: Jonathan Corbet <corbet@lwn.net>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/smack')
-rw-r--r-- | security/smack/smackfs.c | 35 |
1 files changed, 2 insertions, 33 deletions
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index afe7c9b..cfae8af 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -74,11 +74,6 @@ struct smk_list_entry *smack_list; #define SEQ_READ_FINISHED 1 /* - * Disable concurrent writing open() operations - */ -static struct semaphore smack_write_sem; - -/* * Values for parsing cipso rules * SMK_DIGITLEN: Length of a digit field in a rule. * SMK_CIPSOMIN: Minimum possible cipso rule length. @@ -168,32 +163,7 @@ static struct seq_operations load_seq_ops = { */ static int smk_open_load(struct inode *inode, struct file *file) { - if ((file->f_flags & O_ACCMODE) == O_RDONLY) - return seq_open(file, &load_seq_ops); - - if (down_interruptible(&smack_write_sem)) - return -ERESTARTSYS; - - return 0; -} - -/** - * smk_release_load - release() for /smack/load - * @inode: inode structure representing file - * @file: "load" file pointer - * - * For a reading session, use the seq_file release - * implementation. - * Otherwise, we are at the end of a writing session so - * clean everything up. - */ -static int smk_release_load(struct inode *inode, struct file *file) -{ - if ((file->f_flags & O_ACCMODE) == O_RDONLY) - return seq_release(inode, file); - - up(&smack_write_sem); - return 0; + return seq_open(file, &load_seq_ops); } /** @@ -341,7 +311,7 @@ static const struct file_operations smk_load_ops = { .read = seq_read, .llseek = seq_lseek, .write = smk_write_load, - .release = smk_release_load, + .release = seq_release, }; /** @@ -1011,7 +981,6 @@ static int __init init_smk_fs(void) } } - sema_init(&smack_write_sem, 1); smk_cipso_doi(); smk_unlbl_ambient(NULL); |