tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

security: make security_file_set_fowner, f_setown and __f_setown void return

security_file_set_fowner always returns 0, so make it f_setown and
__f_setown void return functions and fix up the error handling in the
callers.

Cc: linux-security-module@vger.kernel.org
Signed-off-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>

Jeff Layton e0b93edd 1c994a09

+26 -42
+1 -3
drivers/net/tun.c
··· 2152 2152 goto out; 2153 2153 2154 2154 if (on) { 2155 - ret = __f_setown(file, task_pid(current), PIDTYPE_PID, 0); 2156 - if (ret) 2157 - goto out; 2155 + __f_setown(file, task_pid(current), PIDTYPE_PID, 0); 2158 2156 tfile->flags |= TUN_FASYNC; 2159 2157 } else 2160 2158 tfile->flags &= ~TUN_FASYNC;
+2 -1
drivers/tty/tty_io.c
··· 2163 2163 } 2164 2164 get_pid(pid); 2165 2165 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2166 - retval = __f_setown(filp, pid, type, 0); 2166 + __f_setown(filp, pid, type, 0); 2167 2167 put_pid(pid); 2168 + retval = 0; 2168 2169 } 2169 2170 out: 2170 2171 return retval;
+7 -14
fs/fcntl.c
··· 98 98 write_unlock_irq(&filp->f_owner.lock); 99 99 } 100 100 101 - int __f_setown(struct file *filp, struct pid *pid, enum pid_type type, 101 + void __f_setown(struct file *filp, struct pid *pid, enum pid_type type, 102 102 int force) 103 103 { 104 - int err; 105 - 106 - err = security_file_set_fowner(filp); 107 - if (err) 108 - return err; 109 - 104 + security_file_set_fowner(filp); 110 105 f_modown(filp, pid, type, force); 111 - return 0; 112 106 } 113 107 EXPORT_SYMBOL(__f_setown); 114 108 115 - int f_setown(struct file *filp, unsigned long arg, int force) 109 + void f_setown(struct file *filp, unsigned long arg, int force) 116 110 { 117 111 enum pid_type type; 118 112 struct pid *pid; 119 113 int who = arg; 120 - int result; 121 114 type = PIDTYPE_PID; 122 115 if (who < 0) { 123 116 type = PIDTYPE_PGID; ··· 118 125 } 119 126 rcu_read_lock(); 120 127 pid = find_vpid(who); 121 - result = __f_setown(filp, pid, type, force); 128 + __f_setown(filp, pid, type, force); 122 129 rcu_read_unlock(); 123 - return result; 124 130 } 125 131 EXPORT_SYMBOL(f_setown); 126 132 ··· 173 181 if (owner.pid && !pid) 174 182 ret = -ESRCH; 175 183 else 176 - ret = __f_setown(filp, pid, type, 1); 184 + __f_setown(filp, pid, type, 1); 177 185 rcu_read_unlock(); 178 186 179 187 return ret; ··· 294 302 force_successful_syscall_return(); 295 303 break; 296 304 case F_SETOWN: 297 - err = f_setown(filp, arg, 1); 305 + f_setown(filp, arg, 1); 306 + err = 0; 298 307 break; 299 308 case F_GETOWN_EX: 300 309 err = f_getown_ex(filp, arg);
+1 -1
fs/locks.c
··· 1776 1776 if (!fasync_insert_entry(fd, filp, &ret->fl_fasync, new)) 1777 1777 new = NULL; 1778 1778 1779 - error = __f_setown(filp, task_pid(current), PIDTYPE_PID, 0); 1779 + __f_setown(filp, task_pid(current), PIDTYPE_PID, 0); 1780 1780 out_unlock: 1781 1781 spin_unlock(&inode->i_lock); 1782 1782 if (fl)
+1 -7
fs/notify/dnotify/dnotify.c
··· 346 346 goto out; 347 347 } 348 348 349 - error = __f_setown(filp, task_pid(current), PIDTYPE_PID, 0); 350 - if (error) { 351 - /* if we added, we must shoot */ 352 - if (dn_mark == new_dn_mark) 353 - destroy = 1; 354 - goto out; 355 - } 349 + __f_setown(filp, task_pid(current), PIDTYPE_PID, 0); 356 350 357 351 error = attach_dn(dn, dn_mark, id, fd, filp, mask); 358 352 /* !error means that we attached the dn to the dn_mark, so don't free it */
+2 -2
include/linux/fs.h
··· 1139 1139 /* can be called from interrupts */ 1140 1140 extern void kill_fasync(struct fasync_struct **, int, int); 1141 1141 1142 - extern int __f_setown(struct file *filp, struct pid *, enum pid_type, int force); 1143 - extern int f_setown(struct file *filp, unsigned long arg, int force); 1142 + extern void __f_setown(struct file *filp, struct pid *, enum pid_type, int force); 1143 + extern void f_setown(struct file *filp, unsigned long arg, int force); 1144 1144 extern void f_delown(struct file *filp); 1145 1145 extern pid_t f_getown(struct file *filp); 1146 1146 extern int send_sigurg(struct fown_struct *fown);
+4 -4
include/linux/security.h
··· 1559 1559 int (*file_lock) (struct file *file, unsigned int cmd); 1560 1560 int (*file_fcntl) (struct file *file, unsigned int cmd, 1561 1561 unsigned long arg); 1562 - int (*file_set_fowner) (struct file *file); 1562 + void (*file_set_fowner) (struct file *file); 1563 1563 int (*file_send_sigiotask) (struct task_struct *tsk, 1564 1564 struct fown_struct *fown, int sig); 1565 1565 int (*file_receive) (struct file *file); ··· 1834 1834 unsigned long prot); 1835 1835 int security_file_lock(struct file *file, unsigned int cmd); 1836 1836 int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); 1837 - int security_file_set_fowner(struct file *file); 1837 + void security_file_set_fowner(struct file *file); 1838 1838 int security_file_send_sigiotask(struct task_struct *tsk, 1839 1839 struct fown_struct *fown, int sig); 1840 1840 int security_file_receive(struct file *file); ··· 2312 2312 return 0; 2313 2313 } 2314 2314 2315 - static inline int security_file_set_fowner(struct file *file) 2315 + static inline void security_file_set_fowner(struct file *file) 2316 2316 { 2317 - return 0; 2317 + return; 2318 2318 } 2319 2319 2320 2320 static inline int security_file_send_sigiotask(struct task_struct *tsk,
+2 -1
net/socket.c
··· 1069 1069 err = -EFAULT; 1070 1070 if (get_user(pid, (int __user *)argp)) 1071 1071 break; 1072 - err = f_setown(sock->file, pid, 1); 1072 + f_setown(sock->file, pid, 1); 1073 + err = 0; 1073 1074 break; 1074 1075 case FIOGETOWN: 1075 1076 case SIOCGPGRP:
+2 -2
security/capability.c
··· 343 343 return 0; 344 344 } 345 345 346 - static int cap_file_set_fowner(struct file *file) 346 + static void cap_file_set_fowner(struct file *file) 347 347 { 348 - return 0; 348 + return; 349 349 } 350 350 351 351 static int cap_file_send_sigiotask(struct task_struct *tsk,
+2 -2
security/security.c
··· 775 775 return security_ops->file_fcntl(file, cmd, arg); 776 776 } 777 777 778 - int security_file_set_fowner(struct file *file) 778 + void security_file_set_fowner(struct file *file) 779 779 { 780 - return security_ops->file_set_fowner(file); 780 + security_ops->file_set_fowner(file); 781 781 } 782 782 783 783 int security_file_send_sigiotask(struct task_struct *tsk,
+1 -3
security/selinux/hooks.c
··· 3346 3346 return err; 3347 3347 } 3348 3348 3349 - static int selinux_file_set_fowner(struct file *file) 3349 + static void selinux_file_set_fowner(struct file *file) 3350 3350 { 3351 3351 struct file_security_struct *fsec; 3352 3352 3353 3353 fsec = file->f_security; 3354 3354 fsec->fown_sid = current_sid(); 3355 - 3356 - return 0; 3357 3355 } 3358 3356 3359 3357 static int selinux_file_send_sigiotask(struct task_struct *tsk,
+1 -2
security/smack/smack_lsm.c
··· 1390 1390 * Returns 0 1391 1391 * Further research may be required on this one. 1392 1392 */ 1393 - static int smack_file_set_fowner(struct file *file) 1393 + static void smack_file_set_fowner(struct file *file) 1394 1394 { 1395 1395 struct smack_known *skp = smk_of_current(); 1396 1396 1397 1397 file->f_security = skp->smk_known; 1398 - return 0; 1399 1398 } 1400 1399 1401 1400 /**