lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Nov 2016 13:09:01 -0700 From: Casey Schaufler <casey@...aufler-ca.com> To: Andreas Gruenbacher <agruenba@...hat.com> Cc: Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Stephen Smalley <sds@...ho.nsa.gov>, Casey Schaufler <casey@...aufler-ca.com> Subject: Re: [PATCH] Re: Problem with setxattr on sockfs with Smack after 971df15bd54ad46e907046ff33750a137b2f0096 On 11/2/2016 12:34 PM, Andreas Gruenbacher wrote: > Casey, > > does this patch help? My tests pass with this patch applied. > > (The way how security xattrs are handled by LSM is pretty ugly. I'm open to suggestions. > I'm not > convinced that it doesn't break something else, yet.) > > Thanks, > Andreas > --- > fs/xattr.c | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/fs/xattr.c b/fs/xattr.c > index 3368659..bf09836 100644 > --- a/fs/xattr.c > +++ b/fs/xattr.c > @@ -183,11 +183,13 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, > security_inode_post_setxattr(dentry, name, value, > size, flags); > } > - } else if (issec) { > - const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; > - > + } else { > if (unlikely(is_bad_inode(inode))) > return -EIO; > + } > + if (issec && error == -EOPNOTSUPP) { > + const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; > + > error = security_inode_setsecurity(inode, suffix, value, > size, flags); > if (!error)
Powered by blists - more mailing lists