1 files changed, 8 insertions, 3 deletions

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 185e2e73cd33..aaf770159ebb 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -185,7 +185,7 @@ static int smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode)
         smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
         smk_ad_setfield_u_tsk(&ad, ctp);
 
-        rc = smk_curacc(skp->smk_known, MAY_READWRITE, &ad);
+        rc = smk_curacc(skp->smk_known, mode, &ad);
         return rc;
 }
 
@@ -1146,7 +1146,7 @@ static int smack_file_ioctl(struct file *file, unsigned int cmd,
  * @file: the object
  * @cmd: unused
  *
- * Returns 0 if current has write access, error code otherwise
+ * Returns 0 if current has lock access, error code otherwise
  */
 static int smack_file_lock(struct file *file, unsigned int cmd)
 {
@@ -1154,7 +1154,7 @@ static int smack_file_lock(struct file *file, unsigned int cmd)
 
         smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
         smk_ad_setfield_u_fs_path(&ad, file->f_path);
-        return smk_curacc(file->f_security, MAY_WRITE, &ad);
+        return smk_curacc(file->f_security, MAY_LOCK, &ad);
 }
 
 /**
@@ -1178,8 +1178,13 @@ static int smack_file_fcntl(struct file *file, unsigned int cmd,
 
         switch (cmd) {
         case F_GETLK:
+                break;
         case F_SETLK:
         case F_SETLKW:
+                smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
+                smk_ad_setfield_u_fs_path(&ad, file->f_path);
+                rc = smk_curacc(file->f_security, MAY_LOCK, &ad);
+                break;
         case F_SETOWN:
         case F_SETSIG:
                 smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);