UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/drivers/target
History
Maurizio Lombardi 2f35afac27 scsi: target: Fix SELinux error when systemd-modules loads the target module 
[ Upstream commit 97a54ef596c3fd24ec2b227ba8aaf2cf5415e779 ]

If the systemd-modules service loads the target module, the credentials of
that userspace process will be used to validate the access to the target db
directory.  SELinux will prevent it, reporting an error like the following:

kernel: audit: type=1400 audit(1676301082.205:4): avc: denied  { read }
for  pid=1020 comm="systemd-modules" name="target" dev="dm-3"
ino=4657583 scontext=system_u:system_r:systemd_modules_load_t:s0
tcontext=system_u:object_r:targetd_etc_rw_t:s0 tclass=dir permissive=0

Fix the error by using the kernel credentials to access the db directory

Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
Link: https://lore.kernel.org/r/20240215143944.847184-2-mlombard@redhat.com
Reviewed-by: Mike Christie <michael.christie@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2024-05-17 12:02:15 +02:00
..
iscsi Merge patch series "scsi: target: iscsi: Get rid of sprintf in iscsi_target_configfs.c" 2023-07-31 12:11:17 -04:00
loopback scsi: target: tcm_loop: Remove redundant driver match function 2023-03-24 20:44:14 -04:00
sbp scsi: target: sbp: Remove default fabric ops callouts 2023-03-16 23:36:36 -04:00
tcm_fc scsi: target: fcoe: Remove default fabric ops callouts 2023-03-16 23:36:36 -04:00
tcm_remote scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
Kconfig scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
Makefile scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
target_core_alua.c scsi: target: core: Use RTPI from target port 2023-03-09 21:29:23 -05:00
target_core_alua.h
target_core_configfs.c scsi: target: Fix SELinux error when systemd-modules loads the target module 2024-05-17 12:02:15 +02:00
target_core_device.c scsi: target: core: Add TMF to tmr_list handling 2024-03-01 13:34:48 +01:00
target_core_fabric_configfs.c scsi: target: core: Fix invalid memory access 2023-04-11 20:49:43 -04:00
target_core_fabric_lib.c
target_core_file.c scsi: target: core: add missing file_{start,end}_write() 2024-01-25 15:35:45 -08:00
target_core_file.h
target_core_hba.c
target_core_iblock.c SCSI misc on 20230902 2023-09-02 12:02:41 -07:00
target_core_iblock.h
target_core_internal.h Merge patch series "target: TMF and recovery fixes" 2023-03-24 17:39:15 -04:00
target_core_pr.c Merge patch series "Use block pr_ops in LIO" 2023-05-22 16:35:02 -04:00
target_core_pr.h
target_core_pscsi.c scsi: target: pscsi: Fix bio_put() for error case 2024-03-01 13:34:59 +01:00
target_core_pscsi.h
target_core_rd.c scsi: target: Rename sbc_ops to exec_cmd_ops 2023-04-11 21:55:36 -04:00
target_core_rd.h
target_core_sbc.c scsi: target: Rename sbc_ops to exec_cmd_ops 2023-04-11 21:55:36 -04:00
target_core_spc.c Merge patch series "Use block pr_ops in LIO" 2023-05-22 16:35:02 -04:00
target_core_stat.c scsi: target: core: Use RTPI from target port 2023-03-09 21:29:23 -05:00
target_core_tmr.c scsi: target: Fix multiple LUN_RESET handling 2023-03-24 17:32:23 -04:00
target_core_tpg.c Merge patch series "target: TMF and recovery fixes" 2023-03-24 17:39:15 -04:00
target_core_transport.c scsi: target: core: Add TMF to tmr_list handling 2024-03-01 13:34:48 +01:00
target_core_ua.c
target_core_ua.h
target_core_user.c scsi: target: tcmu: Replace strlcpy() with strscpy() 2023-06-21 21:13:00 -04:00
target_core_xcopy.c scsi: target: Pass in cmd counter to use during cmd setup 2023-03-24 17:32:23 -04:00
target_core_xcopy.h scsi: target: core: Change the way target_xcopy_do_work() sets restiction on max I/O 2022-11-24 02:16:19 +00:00