diff options
author | Jeff Layton <jlayton@redhat.com> | 2014-03-05 12:47:37 -0500 |
---|---|---|
committer | James Morris <james.l.morris@oracle.com> | 2014-03-07 11:50:01 +1100 |
commit | d4a141c8e77043bd674dd6aa0b40bc3675cb7b1d (patch) | |
tree | c2316156f377d13be833690ebc06b7c3719b24f0 /security | |
parent | 864f32a52b53341c54a25953afb5b66ed79a7f76 (diff) | |
download | op-kernel-dev-d4a141c8e77043bd674dd6aa0b40bc3675cb7b1d.zip op-kernel-dev-d4a141c8e77043bd674dd6aa0b40bc3675cb7b1d.tar.gz |
security: have cap_dentry_init_security return error
Currently, cap_dentry_init_security returns 0 without actually
initializing the security label. This confuses its only caller
(nfs4_label_init_security) which expects an error in that situation, and
causes it to end up sending out junk onto the wire instead of simply
suppressing the label in the attributes sent.
When CONFIG_SECURITY is disabled, security_dentry_init_security returns
-EOPNOTSUPP. Have cap_dentry_init_security do the same.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/capability.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/capability.c b/security/capability.c index 8b4f24a..9323bbe 100644 --- a/security/capability.c +++ b/security/capability.c @@ -116,7 +116,7 @@ static int cap_dentry_init_security(struct dentry *dentry, int mode, struct qstr *name, void **ctx, u32 *ctxlen) { - return 0; + return -EOPNOTSUPP; } static int cap_inode_alloc_security(struct inode *inode) |