korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-21 12:11:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
linux-6.10.y
linux/security
History
Paul Moore bc8ccc1f1e selinux,smack: remove the capability checks in the removexattr hooks 
commit dd44477e7f upstream.

Commit 61df7b8282 ("lsm: fixup the inode xattr capability handling")
moved the responsibility of doing the inode xattr capability checking
out of the individual LSMs and into the LSM framework itself.
Unfortunately, while the original commit added the capability checks
to both the setxattr and removexattr code in the LSM framework, it
only removed the setxattr capability checks from the individual LSMs,
leaving duplicated removexattr capability checks in both the SELinux
and Smack code.

This patch removes the duplicated code from SELinux and Smack.

Fixes: 61df7b8282 ("lsm: fixup the inode xattr capability handling")
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-08-03 09:01:09 +02:00
..
apparmor apparmor: unpack transition table if dfa is not present 2024-08-03 09:01:08 +02:00
bpf lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
integrity integrity-v6.10-fix 2024-07-05 16:21:54 -07:00
keys task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-08-03 09:00:36 +02:00
landlock landlock: Don't lose track of restrictions on cred_transfer 2024-08-03 09:00:28 +02:00
loadpin hardening fixes for v6.10-rc1 2024-05-24 08:33:44 -07:00
lockdown LSM: Identify modules by more than name 2023-11-12 22:54:42 -05:00
safesetid lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
selinux selinux,smack: remove the capability checks in the removexattr hooks 2024-08-03 09:01:09 +02:00
smack selinux,smack: remove the capability checks in the removexattr hooks 2024-08-03 09:01:09 +02:00
tomoyo tomoyo: update project links 2024-06-03 22:43:11 +09:00
yama yama: document function parameter 2024-06-06 11:40:28 -07:00
commoncap.c lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c security: convert to new timestamp accessors 2023-10-18 14:08:31 +02:00
Kconfig fortify: drop Clang version check for 12.0.1 or newer 2024-02-22 15:38:54 -08:00
Kconfig.hardening Revert "mm: init_mlocked_on_free_v3" 2024-06-15 10:43:05 -07:00
lsm_audit.c lsm: fix a number of misspellings 2023-05-25 17:52:15 -04:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
Makefile LSM: syscalls for current process attributes 2023-11-12 22:54:42 -05:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c lsm: fixup the inode xattr capability handling 2024-08-03 09:00:34 +02:00