diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2024-08-31 06:33:59 +1200 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2024-08-31 06:33:59 +1200 |
| commit | fb24560f31f9dff2c97707cfed6029bfebebaf1c (patch) | |
| tree | 5122016e16f44a637f457c670843e67ca5296784 /security/selinux | |
| parent | fb1a804535adf538532a2f6a27b1c7775efe5368 (diff) | |
| parent | 76a0e79bc84f466999fa501fce5bf7a07641b8a7 (diff) | |
| download | lwn-fb24560f31f9dff2c97707cfed6029bfebebaf1c.tar.gz lwn-fb24560f31f9dff2c97707cfed6029bfebebaf1c.zip | |
Merge tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
Pull lsm fix from Paul Moore:
"One small patch to correct a NFS permissions problem with SELinux and
Smack"
* tag 'lsm-pr-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
selinux,smack: don't bypass permissions check in inode_setsecctx hook
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index bfa61e005aac..400eca4ad0fb 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6660,8 +6660,8 @@ static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen */ static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) { - return __vfs_setxattr_noperm(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX, - ctx, ctxlen, 0); + return __vfs_setxattr_locked(&nop_mnt_idmap, dentry, XATTR_NAME_SELINUX, + ctx, ctxlen, 0, NULL); } static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) |