Commit e312f536 authored May 19, 2026 by Linus Torvalds

Merge tag 'lsm-pr-20260519' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm

Pull lsm fix from Paul Moore:
 "A single LSM patch to add a missing credential mutex lock to the
  lsm_set_self_attr(2) syscall so it behaves similar to the associated
  procfs API and avoids issues with ptrace"

* tag 'lsm-pr-20260519' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
  lsm: hold cred_guard_mutex for lsm_set_self_attr()

parents 27fa8262 4a9b1654

security/lsm_syscalls.c

+8 −1

Original line number	Diff line number	Diff line
		@@ -57,7 +57,14 @@ u64 lsm_name_to_attr(const char *name)
		SYSCALL_DEFINE4(lsm_set_self_attr, unsigned int, attr, struct lsm_ctx __user *,
		ctx, u32, size, u32, flags)
		{
		return security_setselfattr(attr, ctx, size, flags);
		int rc;

		rc = mutex_lock_interruptible(&current->signal->cred_guard_mutex);
		if (rc < 0)
		return rc;
		rc = security_setselfattr(attr, ctx, size, flags);
		mutex_unlock(&current->signal->cred_guard_mutex);
		return rc;
		}

		/**