[PATCH] security oops fix

From: Stephen Smalley <sds@epoch.ncsc.mil> Looking at d_splice_alias, it appears that the security_d_instantiate call in the first case (where it ends up moving an entry in place of the given dentry) should be passing 'new' rather than 'dentry' to ensure that the passed dentry is associated with the inode. This patch should fix the problem. (Addresses bugzilla #2153)

[PATCH] security oops fix
From: Stephen Smalley <sds@epoch.ncsc.mil> Looking at d_splice_alias, it appears that the security_d_instantiate call in the first case (where it ends up moving an entry in place of the given dentry) should be passing 'new' rather than 'dentry' to ensure that the passed dentry is associated with the inode. This patch should fix the problem. (Addresses bugzilla #2153)
8a65e057 · Andrew Morton · Linus Torvalds · e84f0355 · 8a65e057
Commit 8a65e057 authored Feb 22, 2004 by Andrew Morton Committed by Linus Torvalds Feb 22, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

fs/dcache.c fs/dcache.c +1 -1

No files found.
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -895,7 +895,7 @@ struct dentry *d_splice_alias(struct inode *inode, struct dentry *dentry)
 			new = list_entry(inode->i_dentry.next, struct dentry, d_alias);
 			__dget_locked(new);
 			spin_unlock(&dcache_lock);
-			security_d_instantiate(dentry, inode);
+			security_d_instantiate(new, inode);
 			d_rehash(dentry);
 			d_move(new, dentry);
 			iput(inode);