| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Nov 2016 13:09:01 -0700
From: Casey Schaufler <casey@...aufler-ca.com>
To: Andreas Gruenbacher <agruenba@...hat.com>
Cc: Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Stephen Smalley <sds@...ho.nsa.gov>,
Casey Schaufler <casey@...aufler-ca.com>
Subject: Re: [PATCH] Re: Problem with setxattr on sockfs with Smack after
971df15bd54ad46e907046ff33750a137b2f0096
On 11/2/2016 12:34 PM, Andreas Gruenbacher wrote:
> Casey,
>
> does this patch help?
My tests pass with this patch applied.
>
> (The way how security xattrs are handled by LSM is pretty ugly.
I'm open to suggestions.
> I'm not
> convinced that it doesn't break something else, yet.)
>
> Thanks,
> Andreas
> ---
> fs/xattr.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/fs/xattr.c b/fs/xattr.c
> index 3368659..bf09836 100644
> --- a/fs/xattr.c
> +++ b/fs/xattr.c
> @@ -183,11 +183,13 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
> security_inode_post_setxattr(dentry, name, value,
> size, flags);
> }
> - } else if (issec) {
> - const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
> -
> + } else {
> if (unlikely(is_bad_inode(inode)))
> return -EIO;
> + }
> + if (issec && error == -EOPNOTSUPP) {
> + const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
> +
> error = security_inode_setsecurity(inode, suffix, value,
> size, flags);
> if (!error)
Powered by blists - more mailing lists