[PATCH 0/2] fanotify: avid some premature LSM checks
Jan Kara
jack at suse.cz
Tue Feb 17 11:09:34 UTC 2026
On Mon 16-02-26 16:06:23, Ondrej Mosnacek wrote:
> Restructure some of the validity and security checks in
> fs/notify/fanotify/fanotify_user.c to avoid generating LSM access
> denials in the audit log where hey shouldn't be.
>
> Ondrej Mosnacek (2):
> fanotify: avoid/silence premature LSM capability checks
> fanotify: call fanotify_events_supported() before path_permission()
> and security_path_notify()
>
> fs/notify/fanotify/fanotify_user.c | 50 ++++++++++++++----------------
> 1 file changed, 23 insertions(+), 27 deletions(-)
The series looks good to me as well. Thanks! I'll commit the series to my
tree once the merge window closes and fixup the comment formatting on
commit. No need to resend.
Honza
--
Jan Kara <jack at suse.com>
SUSE Labs, CR
More information about the Linux-security-module-archive
mailing list