From f5e9c029f9e60e5f3607e584ee2bc4ccc75a0ffe Mon Sep 17 00:00:00 2001
From: Al Viro <viro@zeniv.linux.org.uk>
Date: Tue, 21 Aug 2012 12:26:45 -0400
Subject: [PATCH] --- yaml --- r: 328977 b: refs/heads/master c:
 ee97cd872d08b8623076f2a63ffb872d0884411a h: refs/heads/master i:   328975:
 9f77a8dcfb1fcd6e0511fbcdac1c9641a51e25e4 v: v3

---
 [refs]                         |  2 +-
 trunk/security/selinux/hooks.c | 47 +++++++++++-----------------------
 2 files changed, 16 insertions(+), 33 deletions(-)

diff --git a/[refs] b/[refs]
index b918b38cca8a..d8179ff27b35 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 8280d16172243702ed43432f826ca6130edb4086
+refs/heads/master: ee97cd872d08b8623076f2a63ffb872d0884411a
diff --git a/trunk/security/selinux/hooks.c b/trunk/security/selinux/hooks.c
index 6c77f63c7591..00b50113642d 100644
--- a/trunk/security/selinux/hooks.c
+++ b/trunk/security/selinux/hooks.c
@@ -2126,8 +2126,6 @@ static inline void flush_unauthorized_files(const struct cred *cred,
 	spin_lock(&files->file_lock);
 	for (;;) {
 		unsigned long set, i;
-		int fd;
-
 		j++;
 		i = j * BITS_PER_LONG;
 		fdt = files_fdtable(files);
@@ -2138,38 +2136,23 @@ static inline void flush_unauthorized_files(const struct cred *cred,
 			continue;
 		spin_unlock(&files->file_lock);
 		for ( ; set ; i++, set >>= 1) {
-			if (set & 1) {
-				file = fget(i);
-				if (!file)
-					continue;
-				if (file_has_perm(cred,
-						  file,
-						  file_to_av(file))) {
-					sys_close(i);
-					fd = get_unused_fd();
-					if (fd != i) {
-						if (fd >= 0)
-							put_unused_fd(fd);
-						fput(file);
-						continue;
-					}
-					if (devnull) {
-						get_file(devnull);
-					} else {
-						devnull = dentry_open(
-							&selinux_null,
-							O_RDWR, cred);
-						if (IS_ERR(devnull)) {
-							devnull = NULL;
-							put_unused_fd(fd);
-							fput(file);
-							continue;
-						}
-					}
-					fd_install(fd, devnull);
+			if (!(set & 1))
+				continue;
+			file = fget(i);
+			if (!file)
+				continue;
+			if (file_has_perm(cred, file, file_to_av(file))) {
+				if (devnull) {
+					get_file(devnull);
+				} else {
+					devnull = dentry_open(&selinux_null,
+								O_RDWR, cred);
+					if (IS_ERR(devnull))
+						devnull = NULL;
 				}
-				fput(file);
+				replace_fd(i, devnull, 0);
 			}
+			fput(file);
 		}
 		spin_lock(&files->file_lock);