Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 7128ea159d60a91b3f0a7d10a1ea7d62b53cda93
commit7128ea159d60a91b3f0a7d10a1ea7d62b53cda93[log] [tgz]
authorHimanshu Shukla <himanshu.sh@samsung.com>Thu Nov 10 16:17:49 2016 +0530
committerCasey Schaufler <casey@schaufler-ca.com>Thu Nov 10 11:21:52 2016 -0800
tree619eac3e523d6f16292dea2704cc9aa217a5b4d9
parent2097f59920ea81516d7783396683cad22c26d140 [diff]
SMACK: Do not apply star label in smack_setprocattr hook

Smack prohibits processes from using the star ("*") and web ("@") labels.
Checks have been added in other functions. In smack_setprocattr()
hook, only check for web ("@") label has been added and restricted
from applying web ("@") label.
Check for star ("*") label should also be added in smack_setprocattr()
hook. Return error should be "-EINVAL" not "-EPERM" as permission
is there for setting label but not the label value as star ("*") or
web ("@").

Signed-off-by: Himanshu Shukla <himanshu.sh@samsung.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
1 file changed
tree: 619eac3e523d6f16292dea2704cc9aa217a5b4d9
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS