diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-09 15:24:21 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-09 15:24:21 -0400 |
| commit | 9d22167f34305280c5dd57a74c21651da3c23015 (patch) | |
| tree | 2cafd45c1ea48fc922c178260b508d68a6e909d8 /security/commoncap.c | |
| parent | 593c75463ab6d6985cdc9916f3d1c28b5f6340cd (diff) | |
| parent | c5eaab1d131d0a6272df7d55a971a67400d63f56 (diff) | |
Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull capabilities update from James Morris:
"Minor fixes for capabilities:
- Update the commoncap.c code to utilize XATTR_SECURITY_PREFIX_LEN,
from Carmeli tamir.
- Make the capability hooks static, from Yue Haibing"
* 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
security/commoncap: Use xattr security prefix len
security: Make capability_hooks static
Diffstat (limited to 'security/commoncap.c')
| -rw-r--r-- | security/commoncap.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index c0b9664ee49e..f4ee0ae106b2 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
| @@ -915,7 +915,7 @@ int cap_inode_setxattr(struct dentry *dentry, const char *name, | |||
| 915 | 915 | ||
| 916 | /* Ignore non-security xattrs */ | 916 | /* Ignore non-security xattrs */ |
| 917 | if (strncmp(name, XATTR_SECURITY_PREFIX, | 917 | if (strncmp(name, XATTR_SECURITY_PREFIX, |
| 918 | sizeof(XATTR_SECURITY_PREFIX) - 1) != 0) | 918 | XATTR_SECURITY_PREFIX_LEN) != 0) |
| 919 | return 0; | 919 | return 0; |
| 920 | 920 | ||
| 921 | /* | 921 | /* |
| @@ -947,7 +947,7 @@ int cap_inode_removexattr(struct dentry *dentry, const char *name) | |||
| 947 | 947 | ||
| 948 | /* Ignore non-security xattrs */ | 948 | /* Ignore non-security xattrs */ |
| 949 | if (strncmp(name, XATTR_SECURITY_PREFIX, | 949 | if (strncmp(name, XATTR_SECURITY_PREFIX, |
| 950 | sizeof(XATTR_SECURITY_PREFIX) - 1) != 0) | 950 | XATTR_SECURITY_PREFIX_LEN) != 0) |
| 951 | return 0; | 951 | return 0; |
| 952 | 952 | ||
| 953 | if (strcmp(name, XATTR_NAME_CAPS) == 0) { | 953 | if (strcmp(name, XATTR_NAME_CAPS) == 0) { |
| @@ -1339,7 +1339,7 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, | |||
| 1339 | 1339 | ||
| 1340 | #ifdef CONFIG_SECURITY | 1340 | #ifdef CONFIG_SECURITY |
| 1341 | 1341 | ||
| 1342 | struct security_hook_list capability_hooks[] __lsm_ro_after_init = { | 1342 | static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { |
| 1343 | LSM_HOOK_INIT(capable, cap_capable), | 1343 | LSM_HOOK_INIT(capable, cap_capable), |
| 1344 | LSM_HOOK_INIT(settime, cap_settime), | 1344 | LSM_HOOK_INIT(settime, cap_settime), |
| 1345 | LSM_HOOK_INIT(ptrace_access_check, cap_ptrace_access_check), | 1345 | LSM_HOOK_INIT(ptrace_access_check, cap_ptrace_access_check), |