diff options
| author | Xu Kuohai <xukuohai@huawei.com> | 2024-07-24 10:06:59 +0800 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2024-07-31 14:47:09 -0400 |
| commit | 924e19c39e8f0bbd581ab8a049f95a0ed02235b1 (patch) | |
| tree | 19035cdf88e11452b06828295b4cd4b372d46fd6 /security/selinux | |
| parent | be72a57527fde6c80061c5f9d0e28762eb817b03 (diff) | |
| download | lwn-924e19c39e8f0bbd581ab8a049f95a0ed02235b1.tar.gz lwn-924e19c39e8f0bbd581ab8a049f95a0ed02235b1.zip | |
lsm: Refactor return value of LSM hook inode_copy_up_xattr
To be consistent with most LSM hooks, convert the return value of
hook inode_copy_up_xattr to 0 or a negative error code.
Before:
- Hook inode_copy_up_xattr returns 0 when accepting xattr, 1 when
discarding xattr, -EOPNOTSUPP if it does not know xattr, or any
other negative error code otherwise.
After:
- Hook inode_copy_up_xattr returns 0 when accepting xattr, *-ECANCELED*
when discarding xattr, -EOPNOTSUPP if it does not know xattr, or
any other negative error code otherwise.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index af7467cdd181..81fbfa5b80d4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3531,8 +3531,8 @@ static int selinux_inode_copy_up_xattr(struct dentry *dentry, const char *name) * xattrs up. Instead, filter out SELinux-related xattrs following * policy load. */ - if (selinux_initialized() && strcmp(name, XATTR_NAME_SELINUX) == 0) - return 1; /* Discard */ + if (selinux_initialized() && !strcmp(name, XATTR_NAME_SELINUX)) + return -ECANCELED; /* Discard */ /* * Any other attribute apart from SELINUX is not claimed, supported * by selinux. |