aboutsummaryrefslogtreecommitdiffstats
path: root/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch')
-rw-r--r--meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch64
1 files changed, 64 insertions, 0 deletions
diff --git a/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch
new file mode 100644
index 0000000..b70522d
--- /dev/null
+++ b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0029-Smack-Correctly-remove-SMACK64TRANSMUTE-attribute.patch
@@ -0,0 +1,64 @@
+From cb4e7f82cf806db0fb08aa83e6b3b4aa3918af60 Mon Sep 17 00:00:00 2001
+From: Casey Schaufler <casey@schaufler-ca.com>
+Date: Thu, 10 Apr 2014 16:35:36 -0700
+Subject: [PATCH 29/54] Smack: Correctly remove SMACK64TRANSMUTE attribute
+
+Sam Henderson points out that removing the SMACK64TRANSMUTE
+attribute from a directory does not result in the directory
+transmuting. This is because the inode flag indicating that
+the directory is transmuting isn't cleared. The fix is a tad
+less than trivial because smk_task and smk_mmap should have
+been broken out, too.
+
+Targeted for git://git.gitorious.org/smack-next/kernel.git
+
+Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
+---
+ security/smack/smack_lsm.c | 25 +++++++++++++++++++------
+ 1 file changed, 19 insertions(+), 6 deletions(-)
+
+diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
+index e6c0a57..b259a0d 100644
+--- a/security/smack/smack_lsm.c
++++ b/security/smack/smack_lsm.c
+@@ -1026,18 +1026,31 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name)
+ } else
+ rc = cap_inode_removexattr(dentry, name);
+
++ if (rc != 0)
++ return rc;
++
+ smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
+ smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
+- if (rc == 0)
+- rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+
+- if (rc == 0) {
+- isp = dentry->d_inode->i_security;
++ rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
++ if (rc != 0)
++ return rc;
++
++ isp = dentry->d_inode->i_security;
++ /*
++ * Don't do anything special for these.
++ * XATTR_NAME_SMACKIPIN
++ * XATTR_NAME_SMACKIPOUT
++ * XATTR_NAME_SMACKEXEC
++ */
++ if (strcmp(name, XATTR_NAME_SMACK) == 0)
+ isp->smk_task = NULL;
++ else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0)
+ isp->smk_mmap = NULL;
+- }
++ else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0)
++ isp->smk_flags &= ~SMK_INODE_TRANSMUTE;
+
+- return rc;
++ return 0;
+ }
+
+ /**
+--
+2.1.4
+