diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2011-09-19 12:41:42 -0700 |
---|---|---|
committer | Casey Schaufler <cschaufler@cschaufler-intel.(none)> | 2011-10-12 14:24:28 -0700 |
commit | 531f1d453ed8a8acee4015bd64e7bcc2eab939e4 (patch) | |
tree | 0dd06c1ecc894444c42350c76c5712899d2ddb78 /security/smack/smack.h | |
parent | 272cd7a8c67dd40a31ecff76a503bbb84707f757 (diff) | |
download | linux-531f1d453ed8a8acee4015bd64e7bcc2eab939e4.tar.bz2 |
Smack: Repair processing of fcntl
Al Viro pointed out that the processing of fcntl done
by Smack appeared poorly designed. He was right. There
are three things that required change. Most obviously,
the list of commands that really imply writing is limited
to those involving file locking and signal handling.
The initialization if the file security blob was
incomplete, requiring use of a heretofore unused LSM hook.
Finally, the audit information coming from a helper
masked the identity of the LSM hook. This patch corrects
all three of these defects.
This is targeted for the smack-next tree pending comments.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security/smack/smack.h')
0 files changed, 0 insertions, 0 deletions