diff options
author | James Morris <jmorris@namei.org> | 2009-05-08 17:56:47 +1000 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-05-08 17:56:47 +1000 |
commit | d254117099d711f215e62427f55dfb8ebd5ad011 (patch) | |
tree | 0848ff8dd74314fec14a86497f8d288c86ba7c65 /security/smack | |
parent | 07ff7a0b187f3951788f64ae1f30e8109bc8e9eb (diff) | |
parent | 8c9ed899b44c19e81859fbb0e9d659fe2f8630fc (diff) | |
download | lwn-d254117099d711f215e62427f55dfb8ebd5ad011.tar.gz lwn-d254117099d711f215e62427f55dfb8ebd5ad011.zip |
Merge branch 'master' into next
Diffstat (limited to 'security/smack')
-rw-r--r-- | security/smack/smack_lsm.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index f557767911c9..0d030b4513c8 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -675,8 +675,12 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name, strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) { if (!capable(CAP_MAC_ADMIN)) rc = -EPERM; - /* a label cannot be void and cannot begin with '-' */ - if (size == 0 || (size > 0 && ((char *)value)[0] == '-')) + /* + * check label validity here so import wont fail on + * post_setxattr + */ + if (size == 0 || size >= SMK_LABELLEN || + smk_import(value, size) == NULL) rc = -EINVAL; } else rc = cap_inode_setxattr(dentry, name, value, size, flags); @@ -713,9 +717,6 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name, if (strcmp(name, XATTR_NAME_SMACK)) return; - if (size >= SMK_LABELLEN) - return; - isp = dentry->d_inode->i_security; /* |