提交 30e05324 编写于 作者: J Jan Kara 提交者: Linus Torvalds

security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set

Commit 1e39f384 ("evm: fix build problems") makes the stub version
of security_old_inode_init_security() return 0 when CONFIG_SECURITY is
not set.

But that makes callers such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len
arguments properly - but security_old_inode_init_security() left them
uninitialized which then results in interesting failures.

Revert security_old_inode_init_security() to the old behavior of
returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this
just fine.

[ Also fixed the S_PRIVATE(inode) case of the actual non-stub
  security_old_inode_init_security() function to return EOPNOTSUPP
  for the same reason, as pointed out by Mimi Zohar.

  It got incorrectly changed to match the new function in commit
  fb88c2b6: "evm: fix security/security_old_init_security return
  code".   - Linus ]
Reported-by: NJorge Bastos <mysql.jorge@decimal.pt>
Acked-by: NJames Morris <jmorris@namei.org>
Acked-by: NMimi Zohar <zohar@us.ibm.com>
Signed-off-by: NJan Kara <jack@suse.cz>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
上级 4376eee9
...@@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode, ...@@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode,
char **name, void **value, char **name, void **value,
size_t *len) size_t *len)
{ {
return 0; return -EOPNOTSUPP;
} }
static inline int security_inode_create(struct inode *dir, static inline int security_inode_create(struct inode *dir,
......
...@@ -381,7 +381,7 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir, ...@@ -381,7 +381,7 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir,
void **value, size_t *len) void **value, size_t *len)
{ {
if (unlikely(IS_PRIVATE(inode))) if (unlikely(IS_PRIVATE(inode)))
return 0; return -EOPNOTSUPP;
return security_ops->inode_init_security(inode, dir, qstr, name, value, return security_ops->inode_init_security(inode, dir, qstr, name, value,
len); len);
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册