lsm/stable-6.11 PR 20240830
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmbR4owUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXN4ABAAg9wk2oKUY6sH317v89/ejnMbxn/F 1LaoRaYZZ8mz3d9Ph3s+6a29cRIn7w/Nefwy7E78wHChD6yiNMXK79AyZ676/AEW 6TewqmOeIzmAP76aTyLy3MQCDiw8VG3EI5tMUl3oNhd8XPtNwyQBy+sLU6EylllI XBmZ0w6mz42LLo33ApY71edXxi3J967Dk8YSlkIRVgrDOcvYHpyKqUU6L5w3aWF1 XoTooFpZZDOYEJGie16POmLFtfgmxUV20XqdqNsuADPnOIamwGuVE7v3a2/bSMvt G797KQlRzKBoBjYcl/fCBFRhIMcpn91Ig0nvj+gX02LgfAmg7Xkp2ZDdEV40A32H mEAxFhsvV0mEzTZWRgYYmr3HGF7xiiZUyhu9uIatiK3yb3MAK7Ow7L1+pQsUku99 EwAexxT5+1kKY5t//Ech1jX36jm1OAVrVLWrWDl8cERKeCeuhs9mXjiKCP62rD28 wotd1R4s/O50NflsP0ywVxAshZ4EFVvHjoSgr/kcHyX8nAwzMF5GcvDrwjXQB5u7 3QYW74USIwXT0zcEvqaprVLhekTEtt2EieHPKIit97p718R582YC9Fxm0mgFKlgp lGelo2g+JJPB4Y/T8EpUGPIW6nHK9Iw9cp7K07yhhKX0O+EO7bZE9ShunFf8INN5 EJUf4oAUTIc2XH4= =Li4s -----END PGP SIGNATURE----- Merge tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm Pull lsm fix from Paul Moore: "One small patch to correct a NFS permissions problem with SELinux and Smack" * tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: selinux,smack: don't bypass permissions check in inode_setsecctx hook
This commit is contained in:
commit
fb24560f31
@ -6660,8 +6660,8 @@ static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen
|
||||
*/
|
||||
static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
|
||||
{
|
||||
return __vfs_setxattr_noperm(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX,
|
||||
ctx, ctxlen, 0);
|
||||
return __vfs_setxattr_locked(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX,
|
||||
ctx, ctxlen, 0, NULL);
|
||||
}
|
||||
|
||||
static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
|
||||
|
@ -4880,8 +4880,8 @@ static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
|
||||
|
||||
static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
|
||||
{
|
||||
return __vfs_setxattr_noperm(&nop_mnt_idmap, dentry, XATTR_NAME_SMACK,
|
||||
ctx, ctxlen, 0);
|
||||
return __vfs_setxattr_locked(&nop_mnt_idmap, dentry, XATTR_NAME_SMACK,
|
||||
ctx, ctxlen, 0, NULL);
|
||||
}
|
||||
|
||||
static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
|
||||
|
Loading…
Reference in New Issue
Block a user