Stable backport of de3004c874e7 ("ocfs2: Switch to security_inode_init_security()")
Paul Moore
paul at paul-moore.com
Sat May 20 19:45:25 UTC 2023
On Sat, May 20, 2023 at 1:54 AM Tetsuo Handa
<penguin-kernel at i-love.sakura.ne.jp> wrote:
> On 2023/05/20 6:51, Paul Moore wrote:
> > Finally, since security_inode_init_security(), unlike
> > security_old_inode_init_security(), returns zero instead of -EOPNOTSUPP if
> > no xattrs were provided by LSMs or if inodes are private, additionally
> > check in ocfs2_init_security_get() if the xattr name is set.
> >
> > If not, act as if security_old_inode_init_security() returned -EOPNOTSUPP,
> > and set si->enable to zero to notify to the functions following
> > ocfs2_init_security_get() that no xattrs are available.
>
> Regarding security_inode_init_security(), similar problem was found on reiserfs ...
It is likely that reiserfs lhas other issues as well, which is why I
didn't propose the similar reiserfs patch for backporting to stable.
The request here is only for the ocfs2 patch, which has not seen any
problem reports and does fix at least one reported bug/panic.
Let's discuss the reiserfs patches in the other, relevant threads and
leave this thread dedicated to the ocfs2 backport to stable.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list