ceph: only set CEPH_I_SEC_INITED if we got a MAC label
__ceph_getxattr will set the CEPH_I_SEC_INITED flag whenever it gets any xattr that starts with "security.". We only want to set that flag when fetching the MAC label for the currently-active LSM, however. Signed-off-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
This commit is contained in:
parent
668959a535
commit
026105ebb0
|
@ -892,7 +892,8 @@ ssize_t __ceph_getxattr(struct inode *inode, const char *name, void *value,
|
||||||
memcpy(value, xattr->val, xattr->val_len);
|
memcpy(value, xattr->val, xattr->val_len);
|
||||||
|
|
||||||
if (current->journal_info &&
|
if (current->journal_info &&
|
||||||
!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN))
|
!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) &&
|
||||||
|
security_ismaclabel(name + XATTR_SECURITY_PREFIX_LEN))
|
||||||
ci->i_ceph_flags |= CEPH_I_SEC_INITED;
|
ci->i_ceph_flags |= CEPH_I_SEC_INITED;
|
||||||
out:
|
out:
|
||||||
spin_unlock(&ci->i_ceph_lock);
|
spin_unlock(&ci->i_ceph_lock);
|
||||||
|
|
Loading…
Reference in New Issue