Stable backport of de3004c874e7 ("ocfs2: Switch to security_inode_init_security()")
Tetsuo Handa
penguin-kernel at I-love.SAKURA.ne.jp
Sat May 20 05:54:10 UTC 2023
On 2023/05/20 6:51, Paul Moore wrote:
> Finally, since security_inode_init_security(), unlike
> security_old_inode_init_security(), returns zero instead of -EOPNOTSUPP if
> no xattrs were provided by LSMs or if inodes are private, additionally
> check in ocfs2_init_security_get() if the xattr name is set.
>
> If not, act as if security_old_inode_init_security() returned -EOPNOTSUPP,
> and set si->enable to zero to notify to the functions following
> ocfs2_init_security_get() that no xattrs are available.
Regarding security_inode_init_security(), similar problem was found on reiserfs.
https://lkml.kernel.org/r/a800496b-cae9-81bf-c79e-d8342418c5be@I-love.SAKURA.ne.jp
Is it really expected behavior that security_inode_init_security() returns 0 when
initxattrs is provided but call_int_hook(inode_init_security) returned -EOPNOTSUPP ?
More information about the Linux-security-module-archive
mailing list