ae6e84596e
Copies the lower inode attributes to the upper inode before passing the upper inode to d_instantiate(). This is important for security_d_instantiate(). The problem was discovered by a user seeing SELinux denials like so: type=AVC msg=audit(1236812817.898:47): avc: denied { 0x100000 } for pid=3584 comm="httpd" name="testdir" dev=ecryptfs ino=943872 scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:httpd_sys_content_t:s0 tclass=file Notice target class is file while testdir is really a directory, confusing the permission translation (0x100000) due to the wrong i_mode. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> |
||
---|---|---|
.. | ||
crypto.c | ||
debug.c | ||
dentry.c | ||
ecryptfs_kernel.h | ||
file.c | ||
inode.c | ||
Kconfig | ||
keystore.c | ||
kthread.c | ||
main.c | ||
Makefile | ||
messaging.c | ||
miscdev.c | ||
mmap.c | ||
read_write.c | ||
super.c |