[RFC 03/10] Pass no unnecessary information to iop->permission

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The various permission functions and the permission inode operation do
not need a full nameidata. Pass a struct vfs_lookup instead.

Signed-off-by: Andreas Gruenbacher <[email protected]>

---
 fs/afs/internal.h              |    4 +---
 fs/afs/security.c              |    2 +-
 fs/bad_inode.c                 |    2 +-
 fs/cifs/cifsfs.c               |    3 ++-
 fs/coda/dir.c                  |    2 +-
 fs/coda/pioctl.c               |    4 ++--
 fs/ecryptfs/inode.c            |   20 ++++++++++----------
 fs/exec.c                      |    4 ++--
 fs/ext2/acl.c                  |    2 +-
 fs/ext2/acl.h                  |    2 +-
 fs/ext3/acl.c                  |    2 +-
 fs/ext3/acl.h                  |    2 +-
 fs/ext4/acl.c                  |    2 +-
 fs/ext4/acl.h                  |    2 +-
 fs/fuse/dir.c                  |    4 ++--
 fs/gfs2/ops_inode.c            |    4 ++--
 fs/hfs/inode.c                 |    2 +-
 fs/hfsplus/inode.c             |    2 +-
 fs/inotify_user.c              |    2 +-
 fs/jffs2/acl.c                 |    2 +-
 fs/jffs2/acl.h                 |    2 +-
 fs/jfs/acl.c                   |    2 +-
 fs/jfs/jfs_acl.h               |    2 +-
 fs/namei.c                     |   34 +++++++++++++++++-----------------
 fs/nfs/dir.c                   |    8 ++++----
 fs/ocfs2/file.c                |    2 +-
 fs/ocfs2/file.h                |    3 +--
 fs/open.c                      |    8 ++++----
 fs/proc/base.c                 |    2 +-
 fs/proc/proc_sysctl.c          |    7 ++++---
 fs/reiserfs/xattr.c            |    3 ++-
 fs/smbfs/file.c                |    2 +-
 fs/utimes.c                    |    2 +-
 fs/xfs/linux-2.6/xfs_iops.c    |    2 +-
 include/linux/coda_linux.h     |    2 +-
 include/linux/fs.h             |    6 +++---
 include/linux/nfs_fs.h         |    2 +-
 include/linux/reiserfs_xattr.h |    4 ++--
 include/linux/security.h       |   10 +++++-----
 include/linux/shmem_fs.h       |    2 +-
 mm/shmem_acl.c                 |    2 +-
 net/unix/af_unix.c             |    2 +-
 security/dummy.c               |    2 +-
 security/selinux/hooks.c       |    4 ++--
 44 files changed, 92 insertions(+), 92 deletions(-)

--- a/fs/afs/internal.h
+++ b/fs/afs/internal.h
@@ -469,8 +469,6 @@ extern bool afs_cm_incoming_call(struct 
 extern const struct inode_operations afs_dir_inode_operations;
 extern const struct file_operations afs_dir_file_operations;
 
-extern int afs_permission(struct inode *, int, struct nameidata *);
-
 /*
  * file.c
  */
@@ -607,7 +605,7 @@ extern void afs_clear_permits(struct afs
 extern void afs_cache_permit(struct afs_vnode *, struct key *, long);
 extern void afs_zap_permits(struct rcu_head *);
 extern struct key *afs_request_key(struct afs_cell *);
-extern int afs_permission(struct inode *, int, struct nameidata *);
+extern int afs_permission(struct inode *, int, struct vfs_lookup *);
 
 /*
  * server.c
--- a/fs/afs/security.c
+++ b/fs/afs/security.c
@@ -284,7 +284,7 @@ static int afs_check_permit(struct afs_v
  * - AFS ACLs are attached to directories only, and a file is controlled by its
  *   parent directory's ACL
  */
-int afs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int afs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	struct afs_vnode *vnode = AFS_FS_I(inode);
 	afs_access_t access;
--- a/fs/bad_inode.c
+++ b/fs/bad_inode.c
@@ -244,7 +244,7 @@ static int bad_inode_readlink(struct den
 }
 
 static int bad_inode_permission(struct inode *inode, int mask,
-			struct nameidata *nd)
+			struct vfs_lookup *lookup)
 {
 	return -EIO;
 }
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -234,7 +234,8 @@ cifs_statfs(struct dentry *dentry, struc
 				   longer available? */
 }
 
-static int cifs_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int cifs_permission(struct inode *inode, int mask,
+		struct vfs_lookup *lookup)
 {
 	struct cifs_sb_info *cifs_sb;
 
--- a/fs/coda/dir.c
+++ b/fs/coda/dir.c
@@ -137,7 +137,7 @@ exit:
 }
 
 
-int coda_permission(struct inode *inode, int mask, struct nameidata *nd)
+int coda_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
         int error = 0;
  
--- a/fs/coda/pioctl.c
+++ b/fs/coda/pioctl.c
@@ -25,7 +25,7 @@
 
 /* pioctl ops */
 static int coda_ioctl_permission(struct inode *inode, int mask,
-				 struct nameidata *nd);
+				 struct vfs_lookup *lookup);
 static int coda_pioctl(struct inode * inode, struct file * filp, 
                        unsigned int cmd, unsigned long user_data);
 
@@ -43,7 +43,7 @@ const struct file_operations coda_ioctl_
 
 /* the coda pioctl inode ops */
 static int coda_ioctl_permission(struct inode *inode, int mask,
-				 struct nameidata *nd)
+				 struct vfs_lookup *lookup)
 {
         return 0;
 }
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -855,19 +855,19 @@ out:
 }
 
 static int
-ecryptfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+ecryptfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	int rc;
 
-        if (nd) {
-		struct vfsmount *vfsmnt_save = nd->lookup.path.mnt;
-		struct dentry *dentry_save = nd->lookup.path.dentry;
-
-		nd->lookup.path.mnt = ecryptfs_dentry_to_lower_mnt(nd->lookup.path.dentry);
-		nd->lookup.path.dentry = ecryptfs_dentry_to_lower(nd->lookup.path.dentry);
-		rc = permission(ecryptfs_inode_to_lower(inode), mask, nd);
-		nd->lookup.path.mnt = vfsmnt_save;
-		nd->lookup.path.dentry = dentry_save;
+        if (lookup) {
+		struct vfsmount *vfsmnt_save = lookup->path.mnt;
+		struct dentry *dentry_save = lookup->path.dentry;
+
+		lookup->path.mnt = ecryptfs_dentry_to_lower_mnt(lookup->path.dentry);
+		lookup->path.dentry = ecryptfs_dentry_to_lower(lookup->path.dentry);
+		rc = permission(ecryptfs_inode_to_lower(inode), mask, lookup);
+		lookup->path.mnt = vfsmnt_save;
+		lookup->path.dentry = dentry_save;
         } else
 		rc = permission(ecryptfs_inode_to_lower(inode), mask, NULL);
         return rc;
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -142,7 +142,7 @@ asmlinkage long sys_uselib(const char __
 	if (!S_ISREG(nd.lookup.path.dentry->d_inode->i_mode))
 		goto exit;
 
-	error = vfs_permission(&nd, MAY_READ | MAY_EXEC);
+	error = vfs_permission(&nd.lookup, MAY_READ | MAY_EXEC);
 	if (error)
 		goto exit;
 
@@ -683,7 +683,7 @@ struct file *open_exec(const char *name)
 		file = ERR_PTR(-EACCES);
 		if (!(nd.lookup.path.mnt->mnt_flags & MNT_NOEXEC) &&
 		    S_ISREG(inode->i_mode)) {
-			int err = vfs_permission(&nd, MAY_EXEC);
+			int err = vfs_permission(&nd.lookup, MAY_EXEC);
 			file = ERR_PTR(err);
 			if (!err) {
 				file = nameidata_to_filp(&nd, O_RDONLY);
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -294,7 +294,7 @@ ext2_check_acl(struct inode *inode, int 
 }
 
 int
-ext2_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, ext2_check_acl);
 }
--- a/fs/ext2/acl.h
+++ b/fs/ext2/acl.h
@@ -58,7 +58,7 @@ static inline int ext2_acl_count(size_t 
 #define EXT2_ACL_NOT_CACHED ((void *)-1)
 
 /* acl.c */
-extern int ext2_permission (struct inode *, int, struct nameidata *);
+extern int ext2_permission (struct inode *, int, struct vfs_lookup *);
 extern int ext2_acl_chmod (struct inode *);
 extern int ext2_init_acl (struct inode *, struct inode *);
 
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -299,7 +299,7 @@ ext3_check_acl(struct inode *inode, int 
 }
 
 int
-ext3_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext3_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, ext3_check_acl);
 }
--- a/fs/ext3/acl.h
+++ b/fs/ext3/acl.h
@@ -58,7 +58,7 @@ static inline int ext3_acl_count(size_t 
 #define EXT3_ACL_NOT_CACHED ((void *)-1)
 
 /* acl.c */
-extern int ext3_permission (struct inode *, int, struct nameidata *);
+extern int ext3_permission (struct inode *, int, struct vfs_lookup *);
 extern int ext3_acl_chmod (struct inode *);
 extern int ext3_init_acl (handle_t *, struct inode *, struct inode *);
 
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -299,7 +299,7 @@ ext4_check_acl(struct inode *inode, int 
 }
 
 int
-ext4_permission(struct inode *inode, int mask, struct nameidata *nd)
+ext4_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, ext4_check_acl);
 }
--- a/fs/ext4/acl.h
+++ b/fs/ext4/acl.h
@@ -58,7 +58,7 @@ static inline int ext4_acl_count(size_t 
 #define EXT4_ACL_NOT_CACHED ((void *)-1)
 
 /* acl.c */
-extern int ext4_permission (struct inode *, int, struct nameidata *);
+extern int ext4_permission (struct inode *, int, struct vfs_lookup *);
 extern int ext4_acl_chmod (struct inode *);
 extern int ext4_init_acl (handle_t *, struct inode *, struct inode *);
 
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -792,7 +792,7 @@ static int fuse_access(struct inode *ino
  * access request is sent.  Execute permission is still checked
  * locally based on file mode.
  */
-static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int fuse_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	struct fuse_conn *fc = get_fuse_conn(inode);
 
@@ -821,7 +821,7 @@ static int fuse_permission(struct inode 
 		if ((mask & MAY_EXEC) && !S_ISDIR(mode) && !(mode & S_IXUGO))
 			return -EACCES;
 
-		if (nd && (nd->lookup.flags & (LOOKUP_ACCESS | LOOKUP_CHDIR)))
+		if (lookup && (lookup->flags & (LOOKUP_ACCESS | LOOKUP_CHDIR)))
 			return fuse_access(inode, mask);
 		return 0;
 	}
--- a/fs/gfs2/ops_inode.c
+++ b/fs/gfs2/ops_inode.c
@@ -861,7 +861,7 @@ static void *gfs2_follow_link(struct den
  * gfs2_permission -
  * @inode:
  * @mask:
- * @nd: passed from Linux VFS, ignored by us
+ * @lookup: passed from Linux VFS, ignored by us
  *
  * This may be called from the VFS directly, or from within GFS2 with the
  * inode locked, so we look to see if the glock is already locked and only
@@ -870,7 +870,7 @@ static void *gfs2_follow_link(struct den
  * Returns: errno
  */
 
-static int gfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int gfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	struct gfs2_inode *ip = GFS2_I(inode);
 	struct gfs2_holder i_gh;
--- a/fs/hfs/inode.c
+++ b/fs/hfs/inode.c
@@ -508,7 +508,7 @@ void hfs_clear_inode(struct inode *inode
 }
 
 static int hfs_permission(struct inode *inode, int mask,
-			  struct nameidata *nd)
+			  struct vfs_lookup *lookup)
 {
 	if (S_ISREG(inode->i_mode) && mask & MAY_EXEC)
 		return 0;
--- a/fs/hfsplus/inode.c
+++ b/fs/hfsplus/inode.c
@@ -232,7 +232,7 @@ static void hfsplus_set_perms(struct ino
 	perms->dev = cpu_to_be32(HFSPLUS_I(inode).dev);
 }
 
-static int hfsplus_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int hfsplus_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	/* MAY_EXEC is also used for lookup, if no x bit is set allow lookup,
 	 * open_exec has the same test, so it's still not executable, if a x bit
--- a/fs/inotify_user.c
+++ b/fs/inotify_user.c
@@ -349,7 +349,7 @@ static int find_inode(const char __user 
 	if (error)
 		return error;
 	/* you can only watch an inode if you have read permissions on it */
-	error = vfs_permission(nd, MAY_READ);
+	error = vfs_permission(nd.lookup, MAY_READ);
 	if (error)
 		path_release(nd);
 	return error;
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -302,7 +302,7 @@ static int jffs2_check_acl(struct inode 
 	return -EAGAIN;
 }
 
-int jffs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+int jffs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, jffs2_check_acl);
 }
--- a/fs/jffs2/acl.h
+++ b/fs/jffs2/acl.h
@@ -28,7 +28,7 @@ struct jffs2_acl_header {
 
 #define JFFS2_ACL_NOT_CACHED ((void *)-1)
 
-extern int jffs2_permission(struct inode *, int, struct nameidata *);
+extern int jffs2_permission(struct inode *, int, struct vfs_lookup *);
 extern int jffs2_acl_chmod(struct inode *);
 extern int jffs2_init_acl(struct inode *, struct inode *);
 extern void jffs2_clear_acl(struct jffs2_inode_info *);
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -140,7 +140,7 @@ static int jfs_check_acl(struct inode *i
 	return -EAGAIN;
 }
 
-int jfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int jfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, jfs_check_acl);
 }
--- a/fs/jfs/jfs_acl.h
+++ b/fs/jfs/jfs_acl.h
@@ -20,7 +20,7 @@
 
 #ifdef CONFIG_JFS_POSIX_ACL
 
-int jfs_permission(struct inode *, int, struct nameidata *);
+int jfs_permission(struct inode *, int, struct vfs_lookup *);
 int jfs_init_acl(tid_t, struct inode *, struct inode *);
 int jfs_setattr(struct dentry *, struct iattr *);
 
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -226,7 +226,7 @@ int generic_permission(struct inode *ino
 	return -EACCES;
 }
 
-int permission(struct inode *inode, int mask, struct nameidata *nd)
+int permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	umode_t mode = inode->i_mode;
 	int retval, submask;
@@ -254,24 +254,25 @@ int permission(struct inode *inode, int 
 	 * the fs is mounted with the "noexec" flag.
 	 */
 	if ((mask & MAY_EXEC) && S_ISREG(mode) && (!(mode & S_IXUGO) ||
-			(nd && nd->lookup.path.mnt && (nd->lookup.path.mnt->mnt_flags & MNT_NOEXEC))))
+			(lookup && lookup->path.mnt &&
+			 (lookup->path.mnt->mnt_flags & MNT_NOEXEC))))
 		return -EACCES;
 
 	/* Ordinary permission routines do not understand MAY_APPEND. */
 	submask = mask & ~MAY_APPEND;
 	if (inode->i_op && inode->i_op->permission)
-		retval = inode->i_op->permission(inode, submask, nd);
+		retval = inode->i_op->permission(inode, submask, lookup);
 	else
 		retval = generic_permission(inode, submask, NULL);
 	if (retval)
 		return retval;
 
-	return security_inode_permission(inode, mask, nd);
+	return security_inode_permission(inode, mask, lookup);
 }
 
 /**
  * vfs_permission  -  check for access rights to a given path
- * @nd:		lookup result that describes the path
+ * @lookup:	lookup result that describes the path
  * @mask:	right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
  *
  * Used to check for read/write/execute permissions on a path.
@@ -279,9 +280,9 @@ int permission(struct inode *inode, int 
  * for filesystem access without changing the "normal" uids which
  * are used for other things.
  */
-int vfs_permission(struct nameidata *nd, int mask)
+int vfs_permission(struct vfs_lookup *lookup, int mask)
 {
-	return permission(nd->lookup.path.dentry->d_inode, mask, nd);
+	return permission(lookup->path.dentry->d_inode, mask, lookup);
 }
 
 /**
@@ -429,8 +430,7 @@ static struct dentry * cached_lookup(str
  * short-cut DAC fails, then call permission() to do more
  * complete permission check.
  */
-static int exec_permission_lite(struct inode *inode,
-				       struct nameidata *nd)
+static int exec_permission_lite(struct inode *inode, struct vfs_lookup *lookup)
 {
 	umode_t	mode = inode->i_mode;
 
@@ -456,7 +456,7 @@ static int exec_permission_lite(struct i
 
 	return -EACCES;
 ok:
-	return security_inode_permission(inode, MAY_EXEC, nd);
+	return security_inode_permission(inode, MAY_EXEC, lookup);
 }
 
 /*
@@ -831,9 +831,9 @@ static fastcall int __link_path_walk(con
 		unsigned int c;
 
 		nd->lookup.flags |= LOOKUP_CONTINUE;
-		err = exec_permission_lite(inode, nd);
+		err = exec_permission_lite(inode, &nd->lookup);
 		if (err == -EAGAIN)
-			err = vfs_permission(nd, MAY_EXEC);
+			err = vfs_permission(&nd->lookup, MAY_EXEC);
  		if (err)
 			break;
 
@@ -1321,7 +1321,7 @@ static inline struct dentry * __lookup_h
 
 	inode = base->d_inode;
 
-	err = permission(inode, MAY_EXEC, nd);
+	err = permission(inode, MAY_EXEC, &nd->lookup);
 	dentry = ERR_PTR(err);
 	if (err)
 		goto out;
@@ -1473,13 +1473,13 @@ static int may_delete(struct inode *dir,
  *  4. We can't do it if dir is immutable (done in permission())
  */
 static inline int may_create(struct inode *dir, struct dentry *child,
-			     struct nameidata *nd)
+			     struct vfs_lookup *lookup)
 {
 	if (child->d_inode)
 		return -EEXIST;
 	if (IS_DEADDIR(dir))
 		return -ENOENT;
-	return permission(dir,MAY_WRITE | MAY_EXEC, nd);
+	return permission(dir,MAY_WRITE | MAY_EXEC, lookup);
 }
 
 /* 
@@ -1545,7 +1545,7 @@ void unlock_rename(struct dentry *p1, st
 int vfs_create(struct inode *dir, struct dentry *dentry, int mode,
 		struct nameidata *nd)
 {
-	int error = may_create(dir, dentry, nd);
+	int error = may_create(dir, dentry, &nd->lookup);
 
 	if (error)
 		return error;
@@ -1579,7 +1579,7 @@ int may_open(struct nameidata *nd, int a
 	if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
 		return -EISDIR;
 
-	error = vfs_permission(nd, acc_mode);
+	error = vfs_permission(&nd->lookup, acc_mode);
 	if (error)
 		return error;
 
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -1955,7 +1955,7 @@ out:
 	return -EACCES;
 }
 
-int nfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int nfs_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	struct rpc_cred *cred;
 	int res = 0;
@@ -1965,7 +1965,7 @@ int nfs_permission(struct inode *inode, 
 	if (mask == 0)
 		goto out;
 	/* Is this sys_access() ? */
-	if (nd != NULL && (nd->lookup.flags & LOOKUP_ACCESS))
+	if (lookup && (lookup->flags & LOOKUP_ACCESS))
 		goto force_lookup;
 
 	switch (inode->i_mode & S_IFMT) {
@@ -1974,8 +1974,8 @@ int nfs_permission(struct inode *inode, 
 		case S_IFREG:
 			/* NFSv4 has atomic_open... */
 			if (nfs_server_capable(inode, NFS_CAP_ATOMIC_OPEN)
-					&& nd != NULL
-					&& (nd->lookup.flags & LOOKUP_OPEN))
+					&& lookup
+					&& (lookup->flags & LOOKUP_OPEN))
 				goto out;
 			break;
 		case S_IFDIR:
--- a/fs/ocfs2/file.c
+++ b/fs/ocfs2/file.c
@@ -1091,7 +1091,7 @@ bail:
 	return err;
 }
 
-int ocfs2_permission(struct inode *inode, int mask, struct nameidata *nd)
+int ocfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	int ret;
 
--- a/fs/ocfs2/file.h
+++ b/fs/ocfs2/file.h
@@ -54,8 +54,7 @@ int ocfs2_lock_allocators(struct inode *
 int ocfs2_setattr(struct dentry *dentry, struct iattr *attr);
 int ocfs2_getattr(struct vfsmount *mnt, struct dentry *dentry,
 		  struct kstat *stat);
-int ocfs2_permission(struct inode *inode, int mask,
-		     struct nameidata *nd);
+int ocfs2_permission(struct inode *inode, int mask, struct vfs_lookup *lookup);
 
 int ocfs2_should_update_atime(struct inode *inode,
 			      struct vfsmount *vfsmnt);
--- a/fs/open.c
+++ b/fs/open.c
@@ -244,7 +244,7 @@ static long do_sys_truncate(const char _
 	if (!S_ISREG(inode->i_mode))
 		goto dput_and_out;
 
-	error = vfs_permission(&nd, MAY_WRITE);
+	error = vfs_permission(&nd.lookup, MAY_WRITE);
 	if (error)
 		goto dput_and_out;
 
@@ -452,7 +452,7 @@ asmlinkage long sys_faccessat(int dfd, c
 	if (res)
 		goto out;
 
-	res = vfs_permission(&nd, mode);
+	res = vfs_permission(&nd.lookup, mode);
 	/* SuS v2 requires we report a read only fs too */
 	if(res || !(mode & S_IWOTH) ||
 	   special_file(nd.lookup.path.dentry->d_inode->i_mode))
@@ -486,7 +486,7 @@ asmlinkage long sys_chdir(const char __u
 	if (error)
 		goto out;
 
-	error = vfs_permission(&nd, MAY_EXEC);
+	error = vfs_permission(&nd.lookup, MAY_EXEC);
 	if (error)
 		goto dput_and_out;
 
@@ -537,7 +537,7 @@ asmlinkage long sys_chroot(const char __
 	if (error)
 		goto out;
 
-	error = vfs_permission(&nd, MAY_EXEC);
+	error = vfs_permission(&nd.lookup, MAY_EXEC);
 	if (error)
 		goto dput_and_out;
 
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1479,7 +1479,7 @@ static const struct file_operations proc
  * access /proc/self/fd after it has executed a setuid().
  */
 static int proc_fd_permission(struct inode *inode, int mask,
-				struct nameidata *nd)
+				struct vfs_lookup *lookup)
 {
 	int rv;
 
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -369,7 +369,8 @@ out:
 	return ret;
 }
 
-static int proc_sys_permission(struct inode *inode, int mask, struct nameidata *nd)
+static int proc_sys_permission(struct inode *inode, int mask,
+			       struct vfs_lookup *lookup)
 {
 	/*
 	 * sysctl entries that are not writeable,
@@ -402,10 +403,10 @@ static int proc_sys_permission(struct in
 	/* If we can't get a sysctl table entry the permission
 	 * checks on the cached mode will have to be enough.
 	 */
-	if (!nd || !depth)
+	if (!lookup || !depth)
 		goto out;
 
-	dentry = nd->lookup.path.dentry;
+	dentry = lookup->path.dentry;
 	table = do_proc_sys_lookup(dentry->d_parent, &dentry->d_name, &head);
 
 	/* If the entry does not exist deny permission */
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -1294,7 +1294,8 @@ static int reiserfs_check_acl(struct ino
 	return error;
 }
 
-int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd)
+int reiserfs_permission(struct inode *inode, int mask,
+			struct vfs_lookup *lookup)
 {
 	/*
 	 * We don't do permission checks on the internal objects.
--- a/fs/smbfs/file.c
+++ b/fs/smbfs/file.c
@@ -391,7 +391,7 @@ smb_file_release(struct inode *inode, st
  * privileges, so we need our own check for this.
  */
 static int
-smb_file_permission(struct inode *inode, int mask, struct nameidata *nd)
+smb_file_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	int mode = inode->i_mode;
 	int error = 0;
--- a/fs/utimes.c
+++ b/fs/utimes.c
@@ -111,7 +111,7 @@ long do_utimes(int dfd, char __user *fil
 				if (!(f->f_mode & FMODE_WRITE))
 					goto dput_and_out;
 			} else {
-				error = vfs_permission(&nd, MAY_WRITE);
+				error = vfs_permission(&nd.lookup, MAY_WRITE);
 				if (error)
 					goto dput_and_out;
 			}
--- a/fs/xfs/linux-2.6/xfs_iops.c
+++ b/fs/xfs/linux-2.6/xfs_iops.c
@@ -605,7 +605,7 @@ STATIC int
 xfs_vn_permission(
 	struct inode	*inode,
 	int		mode,
-	struct nameidata *nd)
+	struct vfs_lookup *lookup)
 {
 	return -bhv_vop_access(vn_from_inode(inode), mode << 6, NULL);
 }
--- a/include/linux/coda_linux.h
+++ b/include/linux/coda_linux.h
@@ -37,7 +37,7 @@ extern const struct file_operations coda
 /* operations shared over more than one file */
 int coda_open(struct inode *i, struct file *f);
 int coda_release(struct inode *i, struct file *f);
-int coda_permission(struct inode *inode, int mask, struct nameidata *nd);
+int coda_permission(struct inode *inode, int mask, struct vfs_lookup *lookup);
 int coda_revalidate_inode(struct dentry *);
 int coda_getattr(struct vfsmount *, struct dentry *, struct kstat *);
 int coda_setattr(struct dentry *, struct iattr *);
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1008,7 +1008,7 @@ extern void unlock_super(struct super_bl
 /*
  * VFS helper functions..
  */
-extern int vfs_permission(struct nameidata *, int);
+extern int vfs_permission(struct vfs_lookup *, int);
 extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
 extern int vfs_mkdir(struct inode *, struct dentry *, int);
 extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
@@ -1147,7 +1147,7 @@ struct inode_operations {
 	void * (*follow_link) (struct dentry *, struct nameidata *);
 	void (*put_link) (struct dentry *, struct nameidata *, void *);
 	void (*truncate) (struct inode *);
-	int (*permission) (struct inode *, int, struct nameidata *);
+	int (*permission) (struct inode *, int, struct vfs_lookup *);
 	int (*setattr) (struct dentry *, struct iattr *);
 	int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *);
 	int (*setxattr) (struct dentry *, const char *,const void *,size_t,int);
@@ -1562,7 +1562,7 @@ extern int do_remount_sb(struct super_bl
 extern sector_t bmap(struct inode *, sector_t);
 #endif
 extern int notify_change(struct dentry *, struct iattr *);
-extern int permission(struct inode *, int, struct nameidata *);
+extern int permission(struct inode *, int, struct vfs_lookup *);
 extern int generic_permission(struct inode *, int,
 		int (*check_acl)(struct inode *, int));
 
--- a/include/linux/nfs_fs.h
+++ b/include/linux/nfs_fs.h
@@ -288,7 +288,7 @@ extern struct inode *nfs_fhget(struct su
 extern int nfs_refresh_inode(struct inode *, struct nfs_fattr *);
 extern int nfs_post_op_update_inode(struct inode *inode, struct nfs_fattr *fattr);
 extern int nfs_getattr(struct vfsmount *, struct dentry *, struct kstat *);
-extern int nfs_permission(struct inode *, int, struct nameidata *);
+extern int nfs_permission(struct inode *, int, struct vfs_lookup *);
 extern int nfs_access_get_cached(struct inode *, struct rpc_cred *, struct nfs_access_entry *);
 extern void nfs_access_add_cache(struct inode *, struct nfs_access_entry *);
 extern void nfs_access_zap_cache(struct inode *inode);
--- a/include/linux/reiserfs_xattr.h
+++ b/include/linux/reiserfs_xattr.h
@@ -55,8 +55,8 @@ int reiserfs_removexattr(struct dentry *
 int reiserfs_delete_xattrs(struct inode *inode);
 int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs);
 int reiserfs_xattr_init(struct super_block *sb, int mount_flags);
-int reiserfs_permission(struct inode *inode, int mask, struct nameidata *nd);
-
+int reiserfs_permission(struct inode *inode, int mask,
+			struct vfs_lookup *lookup);
 int reiserfs_xattr_del(struct inode *, const char *);
 int reiserfs_xattr_get(const struct inode *, const char *, void *, size_t);
 int reiserfs_xattr_set(struct inode *, const char *, const void *, size_t, int);
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -350,7 +350,7 @@ struct request_sock;
  *	called when the actual read/write operations are performed.
  *	@inode contains the inode structure to check.
  *	@mask contains the permission mask.
- *     @nd contains the nameidata (may be NULL).
+ *     @lookup contains the vfs_lookup (may be NULL).
  *	Return 0 if permission is granted.
  * @inode_setattr:
  *	Check permission before setting file attributes.  Note that the kernel
@@ -1220,7 +1220,7 @@ struct security_operations {
 	                     struct inode *new_dir, struct dentry *new_dentry);
 	int (*inode_readlink) (struct dentry *dentry);
 	int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
-	int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd);
+	int (*inode_permission) (struct inode *inode, int mask, struct vfs_lookup *lookup);
 	int (*inode_setattr)	(struct dentry *dentry, struct iattr *attr);
 	int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
         void (*inode_delete) (struct inode *inode);
@@ -1700,11 +1700,11 @@ static inline int security_inode_follow_
 }
 
 static inline int security_inode_permission (struct inode *inode, int mask,
-					     struct nameidata *nd)
+					     struct vfs_lookup *lookup)
 {
 	if (unlikely (IS_PRIVATE (inode)))
 		return 0;
-	return security_ops->inode_permission (inode, mask, nd);
+	return security_ops->inode_permission (inode, mask, lookup);
 }
 
 static inline int security_inode_setattr (struct dentry *dentry,
@@ -2408,7 +2408,7 @@ static inline int security_inode_follow_
 }
 
 static inline int security_inode_permission (struct inode *inode, int mask,
-					     struct nameidata *nd)
+					     struct vfs_lookup *lookup)
 {
 	return 0;
 }
--- a/include/linux/shmem_fs.h
+++ b/include/linux/shmem_fs.h
@@ -41,7 +41,7 @@ static inline struct shmem_inode_info *S
 }
 
 #ifdef CONFIG_TMPFS_POSIX_ACL
-int shmem_permission(struct inode *, int, struct nameidata *);
+int shmem_permission(struct inode *, int, struct vfs_lookup *);
 int shmem_acl_init(struct inode *, struct inode *);
 void shmem_acl_destroy_inode(struct inode *);
 
--- a/mm/shmem_acl.c
+++ b/mm/shmem_acl.c
@@ -191,7 +191,7 @@ shmem_check_acl(struct inode *inode, int
  * shmem_permission  -  permission() inode operation
  */
 int
-shmem_permission(struct inode *inode, int mask, struct nameidata *nd)
+shmem_permission(struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return generic_permission(inode, mask, shmem_check_acl);
 }
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -729,7 +729,7 @@ static struct sock *unix_find_other(stru
 		err = path_lookup(sunname->sun_path, LOOKUP_FOLLOW, &nd);
 		if (err)
 			goto fail;
-		err = vfs_permission(&nd, MAY_WRITE);
+		err = vfs_permission(&nd.lookup, MAY_WRITE);
 		if (err)
 			goto put_fail;
 
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -323,7 +323,7 @@ static int dummy_inode_follow_link (stru
 	return 0;
 }
 
-static int dummy_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
+static int dummy_inode_permission (struct inode *inode, int mask, struct vfs_lookup *lookup)
 {
 	return 0;
 }
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2250,11 +2250,11 @@ static int selinux_inode_follow_link(str
 }
 
 static int selinux_inode_permission(struct inode *inode, int mask,
-				    struct nameidata *nd)
+				    struct vfs_lookup *lookup)
 {
 	int rc;
 
-	rc = secondary_ops->inode_permission(inode, mask, nd);
+	rc = secondary_ops->inode_permission(inode, mask, lookup);
 	if (rc)
 		return rc;
 

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux