[thirdparty/kernel/stable-queue.git] / queue-5.10 / smack-set-smack64transmute-only-for-dirs-in-smack_in.patch

From 041ee205fd180fafd662a5d4d32e119030d302c0 Mon Sep 17 00:00:00 2001
From: Sasha Levin <sashal@kernel.org>
Date: Thu, 16 Nov 2023 10:01:21 +0100
Subject: smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()

From: Roberto Sassu <roberto.sassu@huawei.com>

[ Upstream commit 9c82169208dde516510aaba6bbd8b13976690c5d ]

Since the SMACK64TRANSMUTE xattr makes sense only for directories, enforce
this restriction in smack_inode_setxattr().

Cc: stable@vger.kernel.org
Fixes: 5c6d1125f8db ("Smack: Transmute labels on specified directories") # v2.6.38.x
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 security/smack/smack_lsm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 5388f143eecd8..0be25e05c1a03 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1280,7 +1280,8 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name,
 		check_star = 1;
 	} else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
 		check_priv = 1;
-		if (size != TRANS_TRUE_SIZE ||
+		if (!S_ISDIR(d_backing_inode(dentry)->i_mode) ||
+		    size != TRANS_TRUE_SIZE ||
 		    strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0)
 			rc = -EINVAL;
 	} else
-- 
2.43.0
Commit	Line	Data
b7ca0ba0 SL	1	From 041ee205fd180fafd662a5d4d32e119030d302c0 Mon Sep 17 00:00:00 2001
	2	From: Sasha Levin <sashal@kernel.org>
	3	Date: Thu, 16 Nov 2023 10:01:21 +0100
	4	Subject: smack: Set SMACK64TRANSMUTE only for dirs in smack_inode_setxattr()
	5
	6	From: Roberto Sassu <roberto.sassu@huawei.com>
	7
	8	[ Upstream commit 9c82169208dde516510aaba6bbd8b13976690c5d ]
	9
	10	Since the SMACK64TRANSMUTE xattr makes sense only for directories, enforce
	11	this restriction in smack_inode_setxattr().
	12
	13	Cc: stable@vger.kernel.org
	14	Fixes: 5c6d1125f8db ("Smack: Transmute labels on specified directories") # v2.6.38.x
	15	Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
	16	Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
	17	Signed-off-by: Sasha Levin <sashal@kernel.org>
	18	---
	19	security/smack/smack_lsm.c \| 3 ++-
	20	1 file changed, 2 insertions(+), 1 deletion(-)
	21
	22	diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
	23	index 5388f143eecd8..0be25e05c1a03 100644
	24	--- a/security/smack/smack_lsm.c
	25	+++ b/security/smack/smack_lsm.c
	26	@@ -1280,7 +1280,8 @@ static int smack_inode_setxattr(struct dentry dentry, const char name,
	27	check_star = 1;
	28	} else if (strcmp(name, XATTR_NAME_SMACKTRANSMUTE) == 0) {
	29	check_priv = 1;
	30	- if (size != TRANS_TRUE_SIZE \|\|
	31	+ if (!S_ISDIR(d_backing_inode(dentry)->i_mode) \|\|
	32	+ size != TRANS_TRUE_SIZE \|\|
	33	strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0)
	34	rc = -EINVAL;
	35	} else
	36	--
	37	2.43.0
	38