From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:55086 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750791AbbG1WBL (ORCPT ); Tue, 28 Jul 2015 18:01:11 -0400 Date: Tue, 28 Jul 2015 15:01:10 -0700 From: Greg KH To: Mimi Zohar Cc: stable@vger.kernel.org Subject: Re: [PATCH] evm: labeling pseudo filesystems exception Message-ID: <20150728220110.GA13914@kroah.com> References: <1438119190-24399-1-git-send-email-zohar@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1438119190-24399-1-git-send-email-zohar@linux.vnet.ibm.com> Sender: stable-owner@vger.kernel.org List-ID: On Tue, Jul 28, 2015 at 05:33:10PM -0400, Mimi Zohar wrote: > To prevent offline stripping of existing file xattrs and relabeling of > them at runtime, EVM allows only newly created files to be labeled. As > pseudo filesystems are not persistent, stripping of xattrs is not a > concern. > > Some LSMs defer file labeling on pseudo filesystems. This patch > permits the labeling of existing files on pseudo files systems. > > Signed-off-by: Mimi Zohar > (cherry picked from commit 5101a1850bb7ccbf107929dee9af0cd2f400940f) > --- > security/integrity/evm/evm_main.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) What stable kernel version(s) do you want this applied to?