| Message ID | 1478115261-29669-1-git-send-email-agruenba@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 11/2/2016 12:34 PM, Andreas Gruenbacher wrote: > Casey, > > does this patch help? My tests pass with this patch applied. > > (The way how security xattrs are handled by LSM is pretty ugly. I'm open to suggestions. > I'm not > convinced that it doesn't break something else, yet.) > > Thanks, > Andreas > --- > fs/xattr.c | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/fs/xattr.c b/fs/xattr.c > index 3368659..bf09836 100644 > --- a/fs/xattr.c > +++ b/fs/xattr.c > @@ -183,11 +183,13 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, > security_inode_post_setxattr(dentry, name, value, > size, flags); > } > - } else if (issec) { > - const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; > - > + } else { > if (unlikely(is_bad_inode(inode))) > return -EIO; > + } > + if (issec && error == -EOPNOTSUPP) { > + const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; > + > error = security_inode_setsecurity(inode, suffix, value, > size, flags); > if (!error) -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/xattr.c b/fs/xattr.c index 3368659..bf09836 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -183,11 +183,13 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, security_inode_post_setxattr(dentry, name, value, size, flags); } - } else if (issec) { - const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; - + } else { if (unlikely(is_bad_inode(inode))) return -EIO; + } + if (issec && error == -EOPNOTSUPP) { + const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; + error = security_inode_setsecurity(inode, suffix, value, size, flags); if (!error)