mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
39 lines
1.1 KiB
Diff
39 lines
1.1 KiB
Diff
From: John Johansen <jjohansen@suse.de>
|
|
Subject: AppArmor: reintroduce ATTR_FILE
|
|
|
|
The fsetattr patch removed ATTR_FILE but AppArmor needs it to distinguish
|
|
file based writes.
|
|
|
|
Note: Now that LSMs must be static, it would be better to add a file
|
|
pointer argument to security_operations->inode_setattr() instead. Then
|
|
move the fs.h chunk to patches.apparmor/fsetattr-restore-ia_file. -jeffm
|
|
|
|
Signed-off-by: John Johansen <jjohansen@suse.de>
|
|
|
|
---
|
|
fs/open.c | 3 +++
|
|
include/linux/fs.h | 1 +
|
|
2 files changed, 4 insertions(+)
|
|
|
|
--- a/fs/open.c
|
|
+++ b/fs/open.c
|
|
@@ -207,6 +207,9 @@ int do_truncate(struct dentry *dentry, s
|
|
newattrs.ia_size = length;
|
|
newattrs.ia_valid = ATTR_SIZE | time_attrs;
|
|
|
|
+ if (filp)
|
|
+ newattrs.ia_valid |= ATTR_FILE;
|
|
+
|
|
/* Remove suid/sgid on truncate too */
|
|
newattrs.ia_valid |= should_remove_suid(dentry);
|
|
|
|
--- a/include/linux/fs.h
|
|
+++ b/include/linux/fs.h
|
|
@@ -331,6 +331,7 @@ typedef void (dio_iodone_t)(struct kiocb
|
|
#define ATTR_ATTR_FLAG 1024
|
|
#define ATTR_KILL_SUID 2048
|
|
#define ATTR_KILL_SGID 4096
|
|
+#define ATTR_FILE 8192
|
|
#define ATTR_KILL_PRIV 16384
|
|
#define ATTR_OPEN 32768 /* Truncating from open(O_TRUNC) */
|
|
|