[PATCH 0/2] fanotify: avid some premature LSM checks
Ondrej Mosnacek
omosnace at redhat.com
Mon Feb 16 15:06:23 UTC 2026
Restructure some of the validity and security checks in
fs/notify/fanotify/fanotify_user.c to avoid generating LSM access
denials in the audit log where hey shouldn't be.
Ondrej Mosnacek (2):
fanotify: avoid/silence premature LSM capability checks
fanotify: call fanotify_events_supported() before path_permission()
and security_path_notify()
fs/notify/fanotify/fanotify_user.c | 50 ++++++++++++++----------------
1 file changed, 23 insertions(+), 27 deletions(-)
--
2.53.0
More information about the Linux-security-module-archive
mailing list