Commit 51b15e79 authored Nov 16, 2023 by Roberto Sassu Committed by Casey Schaufler Jan 24, 2024

smack: Always determine inode labels in smack_inode_init_security()

The inode_init_security hook is already a good place to initialize the
in-memory inode. And that is also what SELinux does.

In preparation for this, move the existing smack_inode_init_security() code
outside the 'if (xattr)' condition, and set the xattr, if provided.

This change does not have any impact on the current code, since every time
security_inode_init_security() is called, the initxattr() callback is
passed and, thus, xattr is non-NULL.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>

parent ac02f007

security/smack/smack_lsm.c

+39 −39

Original line number	Diff line number	Diff line
		@@ -1000,7 +1000,6 @@ static int smack_inode_init_security(struct inode inode, struct inode dir,
		struct xattr *xattr = lsm_get_xattr_slot(xattrs, xattr_count);
		int may;

		if (xattr) {
		/*
		* If equal, transmuting already occurred in
		* smack_dentry_create_files_as(). No need to check again.
		@@ -1045,6 +1044,7 @@ static int smack_inode_init_security(struct inode inode, struct inode dir,
		}
		}

		if (xattr) {
		xattr->value = kstrdup(isp->smk_known, GFP_NOFS);
		if (!xattr->value)
		return -ENOMEM;