Rules for ->d_name access are rather unpleasant and so's
verifying that they are followed. There is a relatively simple part,
though - nobody outside of fs/dcache.c has any business modifying
that thing.
So let's make sure that all functions we are passing
&dentry->d_name are taking const struct qstr * and replace
->d_name with an anon union of struct qstr *__d_name and
const struct qstr *d_name.
It is *not* enough to guarantee that another thread will
not call __d_move() right under you - checking the requirements
for that is the hard part. It does make it easy to verify that
nothing else accidentally starts changing it.
This stuff lives in
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #work.qstr
Branch is -rc4-based, individual patches in followups.
Please, review. If nobody objects, I'll put that in #for-next.
Shortlog:
security_dentry_init_security(): constify qstr argument
exfat_find(): constify qstr argument
afs_edit_dir_{add,remove}(): constify qstr argument
afs_dir_search: constify qstr argument
generic_ci_validate_strict_name(): constify name argument
make it easier to catch those who try to modify ->d_name
Diffstat:
fs/afs/dir_edit.c | 4 ++--
fs/afs/dir_search.c | 2 +-
fs/afs/internal.h | 6 +++---
fs/dcache.c | 26 +++++++++++++-------------
fs/exfat/namei.c | 2 +-
include/linux/dcache.h | 5 ++++-
include/linux/fs.h | 6 ++++--
include/linux/lsm_hook_defs.h | 2 +-
include/linux/security.h | 4 ++--
security/security.c | 2 +-
security/selinux/hooks.c | 2 +-
security/smack/smack_lsm.c | 2 +-
12 files changed, 34 insertions(+), 29 deletions(-)
