Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
Pull lsm fix from Paul Moore:
"One small patch to correct a NFS permissions problem with SELinux and
Smack"
* tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
selinux,smack: don't bypass permissions check in inode_setsecctx hook
+4
-4
+2
-2
security/selinux/hooks.c
+2
-2
security/selinux/hooks.c
···
6660
6660
*/
6661
6661
static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
6662
6662
{
6663
-
return __vfs_setxattr_noperm(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX,
6664
-
ctx, ctxlen, 0);
6663
+
return __vfs_setxattr_locked(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX,
6664
+
ctx, ctxlen, 0, NULL);
6665
6665
}
6666
6666
6667
6667
static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
+2
-2
security/smack/smack_lsm.c
+2
-2
security/smack/smack_lsm.c
···
4880
4880
4881
4881
static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
4882
4882
{
4883
-
return __vfs_setxattr_noperm(&nop_mnt_idmap, dentry, XATTR_NAME_SMACK,
4884
-
ctx, ctxlen, 0);
4883
+
return __vfs_setxattr_locked(&nop_mnt_idmap, dentry, XATTR_NAME_SMACK,
4884
+
ctx, ctxlen, 0, NULL);
4885
4885
}
4886
4886
4887
4887
static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)