Two simple fixes for v5.8:
1) Fix hook iteration and default value for inode_copy_up_xattr from KP Singh <kpsingh@google.com> 2) Fix the key_permission LSM hook function type from Sami Tolvanen <samitolvanen@google.com> -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEgycj0O+d1G2aycA8rZhLv9lQBTwFAl76VWoACgkQrZhLv9lQ BTzA7hAAoOtVwDy0eop24cCmBnJZBk234oyEB/2Qer7F66TbXJsbRtDN2Pmo9H8T SKVkg1LpeDdwAlByAThalTiJeZSSK6p3t7Yhhd0FmZpUKv+/WyAyWy8m2KmBF1M6 xq2Sa9GzBFOm96vJlSRIMlpvpeVClY6soCiKowSdLXZ/Bqeg1daHEGXGnTTtC7Sg ju4aW/BylJzF9XhMBlcK3qLCd26FX2qPnqtTR0XeNLA+kX007lA2MyJ79xnnj2zb mWslT0e/z3xF3b1fGXLr16ELHIaK0+Nu5S5S1Y8OJdTqpL+fKmV68rePrDX2VCrB H0fdHXuVwMTP1SEimItTHsYsFXZuS8rjV5IgMPwiih3u5tUki/1C/4uQqbkXx5Uv ele7QBOgq48nKv1/tIp/7CnfS7SWsJVMYvVIYpBp6Svvguih4Ud+bksVQx9evYR5 74ZFJXWMiLeXEdbPeVqaFCHrDggYpCV8Gcqnq+v2fn1R5mEK4tB9Y/xYGXGPt5QN CuoACM83B1PsYFhTHiLaEnVTe3ToAtgth3cm0PbfkPXmyGzwlf1ANNIaRpBkoJh7 9Ms1B97EBsI4smkriv0WbmfAydJSVoqJaUOFqnTSLLwMivLJtCkQbxB44SxSV9AP tLEgvTn/CaY/O1nZ98ALtLMNlmj5Q2AhUkd3J/Hobl+oQzvb++8= =SToQ -----END PGP SIGNATURE----- Merge tag 'fixes-v5.8-rc3-a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull security subsystem fixes from James Morris: "Two simple fixes for v5.8: - Fix hook iteration and default value for inode_copy_up_xattr (KP Singh) - Fix the key_permission LSM hook function type (Sami Tolvanen)" * tag 'fixes-v5.8-rc3-a' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: security: Fix hook iteration and default value for inode_copy_up_xattr security: fix the key_permission LSM hook function type
This commit is contained in:
commit
615bc218d6
|
@ -150,7 +150,7 @@ LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer,
|
|||
size_t buffer_size)
|
||||
LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid)
|
||||
LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new)
|
||||
LSM_HOOK(int, 0, inode_copy_up_xattr, const char *name)
|
||||
LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, const char *name)
|
||||
LSM_HOOK(int, 0, kernfs_init_security, struct kernfs_node *kn_dir,
|
||||
struct kernfs_node *kn)
|
||||
LSM_HOOK(int, 0, file_permission, struct file *file, int mask)
|
||||
|
@ -360,7 +360,7 @@ LSM_HOOK(int, 0, key_alloc, struct key *key, const struct cred *cred,
|
|||
unsigned long flags)
|
||||
LSM_HOOK(void, LSM_RET_VOID, key_free, struct key *key)
|
||||
LSM_HOOK(int, 0, key_permission, key_ref_t key_ref, const struct cred *cred,
|
||||
unsigned perm)
|
||||
enum key_need_perm need_perm)
|
||||
LSM_HOOK(int, 0, key_getsecurity, struct key *key, char **_buffer)
|
||||
#endif /* CONFIG_KEYS */
|
||||
|
||||
|
|
|
@ -1414,7 +1414,22 @@ EXPORT_SYMBOL(security_inode_copy_up);
|
|||
|
||||
int security_inode_copy_up_xattr(const char *name)
|
||||
{
|
||||
return call_int_hook(inode_copy_up_xattr, -EOPNOTSUPP, name);
|
||||
struct security_hook_list *hp;
|
||||
int rc;
|
||||
|
||||
/*
|
||||
* The implementation can return 0 (accept the xattr), 1 (discard the
|
||||
* xattr), -EOPNOTSUPP if it does not know anything about the xattr or
|
||||
* any other error code incase of an error.
|
||||
*/
|
||||
hlist_for_each_entry(hp,
|
||||
&security_hook_heads.inode_copy_up_xattr, list) {
|
||||
rc = hp->hook.inode_copy_up_xattr(name);
|
||||
if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
|
||||
return rc;
|
||||
}
|
||||
|
||||
return LSM_RET_DEFAULT(inode_copy_up_xattr);
|
||||
}
|
||||
EXPORT_SYMBOL(security_inode_copy_up_xattr);
|
||||
|
||||
|
|
Loading…
Reference in New Issue