summaryrefslogtreecommitdiff
path: root/security/smack
diff options
context:
space:
mode:
authorJames Morris <jmorris@namei.org>2009-05-08 17:56:47 +1000
committerJames Morris <jmorris@namei.org>2009-05-08 17:56:47 +1000
commitd254117099d711f215e62427f55dfb8ebd5ad011 (patch)
tree0848ff8dd74314fec14a86497f8d288c86ba7c65 /security/smack
parent07ff7a0b187f3951788f64ae1f30e8109bc8e9eb (diff)
parent8c9ed899b44c19e81859fbb0e9d659fe2f8630fc (diff)
downloadlwn-d254117099d711f215e62427f55dfb8ebd5ad011.tar.gz
lwn-d254117099d711f215e62427f55dfb8ebd5ad011.zip
Merge branch 'master' into next
Diffstat (limited to 'security/smack')
-rw-r--r--security/smack/smack_lsm.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index f557767911c9..0d030b4513c8 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -675,8 +675,12 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name,
strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
if (!capable(CAP_MAC_ADMIN))
rc = -EPERM;
- /* a label cannot be void and cannot begin with '-' */
- if (size == 0 || (size > 0 && ((char *)value)[0] == '-'))
+ /*
+ * check label validity here so import wont fail on
+ * post_setxattr
+ */
+ if (size == 0 || size >= SMK_LABELLEN ||
+ smk_import(value, size) == NULL)
rc = -EINVAL;
} else
rc = cap_inode_setxattr(dentry, name, value, size, flags);
@@ -713,9 +717,6 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
if (strcmp(name, XATTR_NAME_SMACK))
return;
- if (size >= SMK_LABELLEN)
- return;
-
isp = dentry->d_inode->i_security;
/*