diff options
Diffstat (limited to 'fs/posix_acl.c')
| -rw-r--r-- | fs/posix_acl.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/fs/posix_acl.c b/fs/posix_acl.c index e1af20893ebe..4050942ab52f 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -26,7 +26,6 @@ #include <linux/mnt_idmapping.h> #include <linux/iversion.h> #include <linux/security.h> -#include <linux/evm.h> #include <linux/fsnotify.h> #include <linux/filelock.h> @@ -201,11 +200,11 @@ EXPORT_SYMBOL(posix_acl_init); * Allocate a new ACL with the specified number of entries. */ struct posix_acl * -posix_acl_alloc(int count, gfp_t flags) +posix_acl_alloc(unsigned int count, gfp_t flags) { - const size_t size = sizeof(struct posix_acl) + - count * sizeof(struct posix_acl_entry); - struct posix_acl *acl = kmalloc(size, flags); + struct posix_acl *acl; + + acl = kmalloc(struct_size(acl, a_entries, count), flags); if (acl) posix_acl_init(acl, count); return acl; @@ -221,9 +220,8 @@ posix_acl_clone(const struct posix_acl *acl, gfp_t flags) struct posix_acl *clone = NULL; if (acl) { - int size = sizeof(struct posix_acl) + acl->a_count * - sizeof(struct posix_acl_entry); - clone = kmemdup(acl, size, flags); + clone = kmemdup(acl, struct_size(acl, a_entries, acl->a_count), + flags); if (clone) refcount_set(&clone->a_refcount, 1); } @@ -716,8 +714,8 @@ int posix_acl_update_mode(struct mnt_idmap *idmap, return error; if (error == 0) *acl = NULL; - if (!vfsgid_in_group_p(i_gid_into_vfsgid(idmap, inode)) && - !capable_wrt_inode_uidgid(idmap, inode, CAP_FSETID)) + if (!in_group_or_capable(idmap, inode, + i_gid_into_vfsgid(idmap, inode))) mode &= ~S_ISGID; *mode_p = mode; return 0; @@ -786,12 +784,12 @@ struct posix_acl *posix_acl_from_xattr(struct user_namespace *userns, return ERR_PTR(count); if (count == 0) return NULL; - + acl = posix_acl_alloc(count, GFP_NOFS); if (!acl) return ERR_PTR(-ENOMEM); acl_e = acl->a_entries; - + for (end = entry + count; entry != end; acl_e++, entry++) { acl_e->e_tag = le16_to_cpu(entry->e_tag); acl_e->e_perm = le16_to_cpu(entry->e_perm); @@ -1137,7 +1135,7 @@ retry_deleg: error = -EIO; if (!error) { fsnotify_xattr(dentry); - evm_inode_post_set_acl(dentry, acl_name, kacl); + security_inode_post_set_acl(dentry, acl_name, kacl); } out_inode_unlock: @@ -1245,7 +1243,7 @@ retry_deleg: error = -EIO; if (!error) { fsnotify_xattr(dentry); - evm_inode_post_remove_acl(idmap, dentry, acl_name); + security_inode_post_remove_acl(idmap, dentry, acl_name); } out_inode_unlock: |