summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLuca Boccassi <bluca@debian.org>2024-09-25 23:01:33 +0200
committerFan Wu <wufan@kernel.org>2024-10-17 20:37:13 +0200
commit579941899db4f972507df3bf783518e606bb095a (patch)
tree45046a8e51b280f0f36d22e70d52ccbcf2797510 /security
parentLinux 6.12-rc3 (diff)
downloadlinux-579941899db4f972507df3bf783518e606bb095a.tar.xz
linux-579941899db4f972507df3bf783518e606bb095a.zip
ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version
When loading policies in userspace we want a recognizable error when an update attempts to use an old policy, as that is an error that needs to be treated differently from an invalid policy. Use -ESTALE as it is clear enough for an update mechanism. Signed-off-by: Luca Boccassi <bluca@debian.org> Reviewed-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: Fan Wu <wufan@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/ipe/policy.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index d8e7db857a2e..dcaac8c4bb38 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -107,7 +107,7 @@ int ipe_update_policy(struct inode *root, const char *text, size_t textlen,
}
if (ver_to_u64(old) > ver_to_u64(new)) {
- rc = -EINVAL;
+ rc = -ESTALE;
goto err;
}