(Reposting with expanded 'cc' list.)
Included in the EVM hmac calculation is the i_mode. Any changes to
the i_mode need to be reflected in the hmac. shmem_mknod() currently
calls posix_acl_init(), which modifies the i_mode, after calling
security_inode_init_security(). This patch reverses the order in
which they are called.
Reported-by: Sven Vermeulen <sven.vermeu...@siphos.be>
Signed-off-by: Mimi Zohar <zo...@us.ibm.com>
---
mm/shmem.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index 1c44af7..398c195 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -1937,6 +1937,13 @@ shmem_mknod(struct inode *dir, struct dentry *dentry,
umode_t mode, dev_t dev)
inode = shmem_get_inode(dir->i_sb, dir, mode, dev, VM_NORESERVE);
if (inode) {
+#ifdef CONFIG_TMPFS_POSIX_ACL
+ error = generic_acl_init(inode, dir);
+ if (error) {
+ iput(inode);
+ return error;
+ }
+#endif
error = security_inode_init_security(inode, dir,
&dentry->d_name,
shmem_initxattrs, NULL);
@@ -1946,15 +1953,8 @@ shmem_mknod(struct inode *dir, struct dentry *dentry,
umode_t mode, dev_t dev)
return error;
}
}
-#ifdef CONFIG_TMPFS_POSIX_ACL
- error = generic_acl_init(inode, dir);
- if (error) {
- iput(inode);
- return error;
- }
-#else
+
error = 0;
-#endif
dir->i_size += BOGO_DIRENT_SIZE;
dir->i_ctime = dir->i_mtime = CURRENT_TIME;
d_instantiate(dentry, inode);
--
1.8.1.rc3
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
