summaryrefslogtreecommitdiff
path: root/net/unix
diff options
context:
space:
mode:
authorKentaro Takeda <takedakn@nttdata.co.jp>2008-12-17 13:24:15 +0900
committerAl Viro <viro@zeniv.linux.org.uk>2008-12-31 18:07:37 -0500
commitbe6d3e56a6b9b3a4ee44a0685e39e595073c6f0d (patch)
tree3a770f4cc676efeba443b28caa1ad195eeff49bc /net/unix
parent6a94cb73064c952255336cc57731904174b2c58f (diff)
introduce new LSM hooks where vfsmount is available.
Add new LSM hooks for path-based checks. Call them on directory-modifying operations at the points where we still know the vfsmount involved. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'net/unix')
-rw-r--r--net/unix/af_unix.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c6250d0055d2..d1b89820ab4f 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -836,7 +836,11 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
err = mnt_want_write(nd.path.mnt);
if (err)
goto out_mknod_dput;
+ err = security_path_mknod(&nd.path, dentry, mode, 0);
+ if (err)
+ goto out_mknod_drop_write;
err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
+out_mknod_drop_write:
mnt_drop_write(nd.path.mnt);
if (err)
goto out_mknod_dput;