git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Roberto Sassu <roberto.sassu@huawei.com>
	Fri, 31 Mar 2023 12:32:18 +0000 (14:32 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 17 May 2023 09:11:38 +0000 (11:11 +0200)
commit	39075fe72581cd0b8f256ed9694b6b875bae61e2
tree	bcfb72302affd150ec346ad53a34adb8c7a889f0	tree
parent	372c5ee537b8366b64b691ba29e9335525e1655e	commit \| diff

reiserfs: Add security prefix to xattr name in reiserfs_security_write()

commit d82dcd9e21b77d338dc4875f3d4111f0db314a7c upstream.

Reiserfs sets a security xattr at inode creation time in two stages: first,
it calls reiserfs_security_init() to obtain the xattr from active LSMs;
then, it calls reiserfs_security_write() to actually write that xattr.

Unfortunately, it seems there is a wrong expectation that LSMs provide the
full xattr name in the form 'security.<suffix>'. However, LSMs always
provided just the suffix, causing reiserfs to not write the xattr at all
(if the suffix is shorter than the prefix), or to write an xattr with the
wrong name.

Add a temporary buffer in reiserfs_security_write(), and write to it the
full xattr name, before passing it to reiserfs_xattr_set_handle().

Also replace the name length check with a check that the full xattr name is
not larger than XATTR_NAME_MAX.

Cc: stable@vger.kernel.org # v2.6.x
Fixes: 57fe60df6241 ("reiserfs: add atomic addition of selinux attributes during inode creation")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>