Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Pull vfs fixes from Al Viro:
 "Fix for my braino in replace_fd(), dhowell's fix for the fallout from
  over-enthusiastic bo^Wdeclaration movements plus crapectomy that
  should've happened a long time ago (SEL_...  definitions)."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  bury SEL_{IN,OUT,EX}
  Unexport some bits of linux/fs.h
  fix a leak in replace_fd() users

1 files changed, 7 insertions, 11 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 24ab4148547c..61a53367d029 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2132,18 +2132,14 @@ static inline void flush_unauthorized_files(const struct cred *cred,
 		return;
 
 	devnull = dentry_open(&selinux_null, O_RDWR, cred);
-	if (!IS_ERR(devnull)) {
-		/* replace all the matching ones with this */
-		do {
-			replace_fd(n - 1, get_file(devnull), 0);
-		} while ((n = iterate_fd(files, n, match_file, cred)) != 0);
+	if (IS_ERR(devnull))
+		devnull = NULL;
+	/* replace all the matching ones with this */
+	do {
+		replace_fd(n - 1, devnull, 0);
+	} while ((n = iterate_fd(files, n, match_file, cred)) != 0);
+	if (devnull)
 		fput(devnull);
-	} else {
-		/* just close all the matching ones */
-		do {
-			replace_fd(n - 1, NULL, 0);
-		} while ((n = iterate_fd(files, n, match_file, cred)) != 0);
-	}
 }
 
 /*