switch flush_unauthorized_files() to replace_fd()
authorAl Viro <viro@zeniv.linux.org.uk>
Tue, 21 Aug 2012 16:26:45 +0000 (12:26 -0400)
committerAl Viro <viro@zeniv.linux.org.uk>
Thu, 27 Sep 2012 01:09:58 +0000 (21:09 -0400)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
security/selinux/hooks.c

index 6c77f63c759198ead061712fb3bad1166c4ace2a..00b50113642ddbbb475ff7ea147b8e6a2f95c70f 100644 (file)
@@ -2126,8 +2126,6 @@ static inline void flush_unauthorized_files(const struct cred *cred,
        spin_lock(&files->file_lock);
        for (;;) {
                unsigned long set, i;
-               int fd;
-
                j++;
                i = j * BITS_PER_LONG;
                fdt = files_fdtable(files);
@@ -2138,38 +2136,23 @@ static inline void flush_unauthorized_files(const struct cred *cred,
                        continue;
                spin_unlock(&files->file_lock);
                for ( ; set ; i++, set >>= 1) {
-                       if (set & 1) {
-                               file = fget(i);
-                               if (!file)
-                                       continue;
-                               if (file_has_perm(cred,
-                                                 file,
-                                                 file_to_av(file))) {
-                                       sys_close(i);
-                                       fd = get_unused_fd();
-                                       if (fd != i) {
-                                               if (fd >= 0)
-                                                       put_unused_fd(fd);
-                                               fput(file);
-                                               continue;
-                                       }
-                                       if (devnull) {
-                                               get_file(devnull);
-                                       } else {
-                                               devnull = dentry_open(
-                                                       &selinux_null,
-                                                       O_RDWR, cred);
-                                               if (IS_ERR(devnull)) {
-                                                       devnull = NULL;
-                                                       put_unused_fd(fd);
-                                                       fput(file);
-                                                       continue;
-                                               }
-                                       }
-                                       fd_install(fd, devnull);
+                       if (!(set & 1))
+                               continue;
+                       file = fget(i);
+                       if (!file)
+                               continue;
+                       if (file_has_perm(cred, file, file_to_av(file))) {
+                               if (devnull) {
+                                       get_file(devnull);
+                               } else {
+                                       devnull = dentry_open(&selinux_null,
+                                                               O_RDWR, cred);
+                                       if (IS_ERR(devnull))
+                                               devnull = NULL;
                                }
-                               fput(file);
+                               replace_fd(i, devnull, 0);
                        }
+                       fput(file);
                }
                spin_lock(&files->file_lock);