diff options
author | Andreas Gruenbacher <agruenba@redhat.com> | 2016-11-10 22:18:28 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2016-11-14 15:39:48 -0500 |
commit | db978da8fa1d0819b210c137d31a339149b88875 (patch) | |
tree | 877976508c0ebadc5372fecdb82f0e91121c1c1a /security | |
parent | 420591128cb206201dc444c2d42fb6f299b2ecd0 (diff) | |
download | op-kernel-dev-db978da8fa1d0819b210c137d31a339149b88875.zip op-kernel-dev-db978da8fa1d0819b210c137d31a339149b88875.tar.gz |
proc: Pass file mode to proc_pid_make_inode
Pass the file mode of the proc inode to be created to
proc_pid_make_inode. In proc_pid_make_inode, initialize inode->i_mode
before calling security_task_to_inode. This allows selinux to set
isec->sclass right away without introducing "half-initialized" inode
security structs.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/hooks.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1c07217..32beac8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3955,6 +3955,7 @@ static void selinux_task_to_inode(struct task_struct *p, struct inode_security_struct *isec = inode->i_security; u32 sid = task_sid(p); + isec->sclass = inode_mode_to_security_class(inode->i_mode); isec->sid = sid; isec->initialized = LABEL_INITIALIZED; } |