summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorAndreas Gruenbacher <agruenba@redhat.com>2016-11-10 22:18:28 +0100
committerPaul Moore <paul@paul-moore.com>2016-11-14 21:39:48 +0100
commitdb978da8fa1d0819b210c137d31a339149b88875 (patch)
tree877976508c0ebadc5372fecdb82f0e91121c1c1a /security
parentselinux: Minor cleanups (diff)
downloadlinux-db978da8fa1d0819b210c137d31a339149b88875.tar.xz
linux-db978da8fa1d0819b210c137d31a339149b88875.zip
proc: Pass file mode to proc_pid_make_inode
Pass the file mode of the proc inode to be created to proc_pid_make_inode. In proc_pid_make_inode, initialize inode->i_mode before calling security_task_to_inode. This allows selinux to set isec->sclass right away without introducing "half-initialized" inode security structs. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 1c0721708ccc..32beac817bf5 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3955,6 +3955,7 @@ static void selinux_task_to_inode(struct task_struct *p,
struct inode_security_struct *isec = inode->i_security;
u32 sid = task_sid(p);
+ isec->sclass = inode_mode_to_security_class(inode->i_mode);
isec->sid = sid;
isec->initialized = LABEL_INITIALIZED;
}