www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Max Kellermann <max.kellermann@ionos.com>
	Fri, 13 Dec 2024 13:50:05 +0000 (13:50 +0000)
committer	Christian Brauner <brauner@kernel.org>
	Fri, 20 Dec 2024 21:07:56 +0000 (22:07 +0100)
commit	e5a8b6446c0d370716f193771ccacf3260a57534
tree	946f5d2ef90355d7b10ab6e6467887e1935b8653	tree
parent	86ad1a58f6a9453f49e06ef957a40a8dac00a13f	commit \| diff

cachefiles: Parse the "secctx" immediately

Instead of storing an opaque string, call security_secctx_to_secid()
right in the "secctx" command handler and store only the numeric
"secid".  This eliminates an unnecessary string allocation and allows
the daemon to receive errors when writing the "secctx" command instead
of postponing the error to the "bind" command handler.  For example,
if the kernel was built without `CONFIG_SECURITY`, "bind" will return
`EOPNOTSUPP`, but the daemon doesn't know why.  With this patch, the
"secctx" will instead return `EOPNOTSUPP` which is the right context
for this error.

This patch adds a boolean flag `have_secid` because I'm not sure if we
can safely assume that zero is the special secid value for "not set".
This appears to be true for SELinux, Smack and AppArmor, but since
this attribute is not documented, I'm unable to derive a stable
guarantee for that.

Signed-off-by: Max Kellermann <max.kellermann@ionos.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Link: https://lore.kernel.org/r/20241209141554.638708-1-max.kellermann@ionos.com/
Link: https://lore.kernel.org/r/20241213135013.2964079-6-dhowells@redhat.com
Signed-off-by: Christian Brauner <brauner@kernel.org>

fs/cachefiles/daemon.c		diff \| blob \| history
fs/cachefiles/internal.h		diff \| blob \| history
fs/cachefiles/security.c		diff \| blob \| history