summaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorJoel Stanley <joel@jms.id.au>2019-04-08 12:35:00 +0930
committerJoel Stanley <joel@jms.id.au>2019-04-08 12:35:05 +0930
commit0b37f9a0bd24d9622f75d981feac67e72351b6e8 (patch)
treed40154b713e136a2d9dfb3fcb1903dd730bd234f /security/selinux/hooks.c
parentdf66fbc97853fbba90a0bfa44de32f3d5f7602b4 (diff)
parent8b298d3a0bd5feeb47129c4889356b38b78ab231 (diff)
downloadtalos-obmc-linux-0b37f9a0bd24d9622f75d981feac67e72351b6e8.tar.gz
talos-obmc-linux-0b37f9a0bd24d9622f75d981feac67e72351b6e8.zip
Merge tag 'v5.0.7' into dev-5.0
This is the 5.0.7 stable release Signed-off-by: Joel Stanley <joel@jms.id.au>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index cf20dd36a30f..07b11b5aaf1f 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3244,12 +3244,16 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name,
const void *value, size_t size, int flags)
{
struct inode_security_struct *isec = inode_security_novalidate(inode);
+ struct superblock_security_struct *sbsec = inode->i_sb->s_security;
u32 newsid;
int rc;
if (strcmp(name, XATTR_SELINUX_SUFFIX))
return -EOPNOTSUPP;
+ if (!(sbsec->flags & SBLABEL_MNT))
+ return -EOPNOTSUPP;
+
if (!value || !size)
return -EACCES;
@@ -6398,7 +6402,10 @@ static void selinux_inode_invalidate_secctx(struct inode *inode)
*/
static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
{
- return selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX, ctx, ctxlen, 0);
+ int rc = selinux_inode_setsecurity(inode, XATTR_SELINUX_SUFFIX,
+ ctx, ctxlen, 0);
+ /* Do not return error when suppressing label (SBLABEL_MNT not set). */
+ return rc == -EOPNOTSUPP ? 0 : rc;
}
/*
OpenPOWER on IntegriCloud