eCryptfs: Copy lower inode attrs before dentry instantiation - linux

diff options

author	Tyler Hicks <tyhicks@linux.vnet.ibm.com>	2009-03-12 06:19:46 +0100
committer	Tyler Hicks <tyhicks@linux.vnet.ibm.com>	2009-04-22 10:54:12 +0200
commit	ae6e84596e7b321d9a08e81679c6a3f799634636 (patch)
tree	a81baed56b7384321cf3d282e2d41f785fe30853 /fs/binfmt_elf.c
parent	Linux 2.6.30-rc3 (diff)
download	linux-ae6e84596e7b321d9a08e81679c6a3f799634636.tar.xz linux-ae6e84596e7b321d9a08e81679c6a3f799634636.zip

eCryptfs: Copy lower inode attrs before dentry instantiation

Copies the lower inode attributes to the upper inode before passing the upper inode to d_instantiate(). This is important for security_d_instantiate(). The problem was discovered by a user seeing SELinux denials like so: type=AVC msg=audit(1236812817.898:47): avc: denied { 0x100000 } for pid=3584 comm="httpd" name="testdir" dev=ecryptfs ino=943872 scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:httpd_sys_content_t:s0 tclass=file Notice target class is file while testdir is really a directory, confusing the permission translation (0x100000) due to the wrong i_mode. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>

Diffstat (limited to 'fs/binfmt_elf.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: