diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e4369d86e5885d9b00e97cd7cd901810f2c1c237..7cd71cea05031f205e0ee389182721b95d10ac8f 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2946,7 +2946,8 @@ static int selinux_inode_setattr(struct dentry *dentry, struct iattr *iattr)
 			ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_TIMES_SET))
 		return dentry_has_perm(cred, dentry, FILE__SETATTR);
 
-	if (selinux_policycap_openperm && (ia_valid & ATTR_SIZE))
+	if (selinux_policycap_openperm && (ia_valid & ATTR_SIZE)
+			&& !(ia_valid & ATTR_FILE))
 		av |= FILE__OPEN;
 
 	return dentry_has_perm(cred, dentry, av);