korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-21 12:11:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
linux-6.10.y
linux/security/smack
History
Paul Moore bc8ccc1f1e selinux,smack: remove the capability checks in the removexattr hooks 
commit dd44477e7f upstream.

Commit 61df7b8282 ("lsm: fixup the inode xattr capability handling")
moved the responsibility of doing the inode xattr capability checking
out of the individual LSMs and into the LSM framework itself.
Unfortunately, while the original commit added the capability checks
to both the setxattr and removexattr code in the LSM framework, it
only removed the setxattr capability checks from the individual LSMs,
leaving duplicated removexattr capability checks in both the SELinux
and Smack code.

This patch removes the duplicated code from SELinux and Smack.

Fixes: 61df7b8282 ("lsm: fixup the inode xattr capability handling")
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-08-03 09:01:09 +02:00
..
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
smack_access.c smack: Replace kzalloc + strncpy with kstrndup 2022-08-01 11:26:09 -07:00
smack_lsm.c selinux,smack: remove the capability checks in the removexattr hooks 2024-08-03 09:01:09 +02:00
smack_netfilter.c smack: remove duplicated hook function 2021-10-12 08:23:52 -07:00
smack.h smack: Set the SMACK64TRANSMUTE xattr in smack_inode_init_security() 2023-07-10 13:59:38 -04:00
smackfs.c smackfs: Prevent underflow in smk_set_cipso() 2023-08-07 14:09:23 -07:00