projects / platform / kernel / linux-exynos.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 922249e) | patch
Smack: fix d_instantiate logic for sockfs and pipefs accepted/tizen/3.0/common/20161227.101955 accepted/tizen/3.0/ivi/20161227.010309 accepted/tizen/3.0/mobile/20161227.010220 accepted/tizen/3.0/tv/20161227.010235 accepted/tizen/3.0/wearable/20161227.010256 submit/tizen_3.0/20161226.054516
authorRafal Krypa <r.krypa@samsung.com>
Tue, 13 Dec 2016 02:25:11 +0000 (11:25 +0900)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Fri, 16 Dec 2016 00:14:20 +0000 (09:14 +0900)
commit34e1f010399777083bc20e35ac7fc5d1a30d8590
tree229ba9b55055b782b79f74fe7c3307fe05a1638dtree | snapshot
parent922249ecc08a4b09144965ef01d09c1ce08127eacommit | diff
Smack: fix d_instantiate logic for sockfs and pipefs

Since 4b936885a (v2.6.32) all inodes on sockfs and pipefs are disconnected.
It caused filesystem specific code in smack_d_instantiate to be skipped,
because all inodes on those pseudo filesystems were treated as root inodes.
As a result all sockfs inodes had the Smack label set to floor.

In most cases access checks for sockets use socket_smack data so the inode
label is not important. But there are special cases that were broken.
One example would be calling fcntl with F_SETOWN command on a socket fd.

Now smack_d_instantiate expects all pipefs and sockfs inodes to be
disconnected and has the logic in appropriate place.

Change-Id: I87ab9fa19cea3e8df8f2c814946e56a9df20d36d
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
security/smack/smack_lsm.c diff | blob | history
Domain: System / Kernel;