Merge git://git.samba.org/sfrench/cifs-2.6
[linux-2.6.git] / security / device_cgroup.c
index f77c604..8b5b5d8 100644 (file)
@@ -62,12 +62,12 @@ static inline struct dev_cgroup *task_devcgroup(struct task_struct *task)
 struct cgroup_subsys devices_subsys;
 
 static int devcgroup_can_attach(struct cgroup_subsys *ss,
-               struct cgroup *new_cgroup, struct task_struct *task,
-               bool threadgroup)
+                       struct cgroup *new_cgrp, struct cgroup_taskset *set)
 {
-       if (current != task && !capable(CAP_SYS_ADMIN))
-                       return -EPERM;
+       struct task_struct *task = cgroup_taskset_first(set);
 
+       if (current != task && !capable(CAP_SYS_ADMIN))
+               return -EPERM;
        return 0;
 }
 
@@ -126,14 +126,6 @@ static int dev_whitelist_add(struct dev_cgroup *dev_cgroup,
        return 0;
 }
 
-static void whitelist_item_free(struct rcu_head *rcu)
-{
-       struct dev_whitelist_item *item;
-
-       item = container_of(rcu, struct dev_whitelist_item, rcu);
-       kfree(item);
-}
-
 /*
  * called under devcgroup_mutex
  */
@@ -156,7 +148,7 @@ remove:
                walk->access &= ~wh->access;
                if (!walk->access) {
                        list_del_rcu(&walk->list);
-                       call_rcu(&walk->rcu, whitelist_item_free);
+                       kfree_rcu(walk, rcu);
                }
        }
 }
@@ -470,22 +462,16 @@ struct cgroup_subsys devices_subsys = {
        .name = "devices",
        .can_attach = devcgroup_can_attach,
        .create = devcgroup_create,
-       .destroy  = devcgroup_destroy,
+       .destroy = devcgroup_destroy,
        .populate = devcgroup_populate,
        .subsys_id = devices_subsys_id,
 };
 
-int devcgroup_inode_permission(struct inode *inode, int mask)
+int __devcgroup_inode_permission(struct inode *inode, int mask)
 {
        struct dev_cgroup *dev_cgroup;
        struct dev_whitelist_item *wh;
 
-       dev_t device = inode->i_rdev;
-       if (!device)
-               return 0;
-       if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode))
-               return 0;
-
        rcu_read_lock();
 
        dev_cgroup = task_devcgroup(current);