From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2CF0FE95A95 for ; Mon, 9 Oct 2023 13:51:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377305AbjJINv6 (ORCPT ); Mon, 9 Oct 2023 09:51:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377237AbjJINv5 (ORCPT ); Mon, 9 Oct 2023 09:51:57 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 55382AB for ; Mon, 9 Oct 2023 06:51:56 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81A22C433C8; Mon, 9 Oct 2023 13:51:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1696859515; bh=FgnKFMADbxsUyx4Wf3So8CP24dusaJrA63EVJ0obm5U=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=2cTowki7Y88H8X41Zewblyiv9Vf8X9GOSqQVCgeHqo8mqbZTCH3z06vcm74SvBAc8 09j2YZnS8XX59BbQ0v1ctSUvu6Gu/cyLWYz2iT7sD6vYs79K7skrnkb3H0oAgPHzZ7 G40cblKCTYYm2EIakVvPW8xX2l3Aiup4WETi3nLg= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Vishal Goel , Casey Schaufler , Munehisa Kamata , Sasha Levin Subject: [PATCH 4.19 46/91] Smack:- Use overlay inode label in smack_inode_copy_up() Date: Mon, 9 Oct 2023 15:06:18 +0200 Message-ID: <20231009130113.121946269@linuxfoundation.org> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231009130111.518916887@linuxfoundation.org> References: <20231009130111.518916887@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Vishal Goel commit 387ef964460f14fe1c1ea29aba70e22731ea7cf7 upstream. Currently in "smack_inode_copy_up()" function, process label is changed with the label on parent inode. Due to which, process is assigned directory label and whatever file or directory created by the process are also getting directory label which is wrong label. Changes has been done to use label of overlay inode instead of parent inode. Signed-off-by: Vishal Goel Signed-off-by: Casey Schaufler [4.19: adjusted for the lack of helper functions] Fixes: d6d80cb57be4 ("Smack: Base support for overlayfs") Signed-off-by: Munehisa Kamata Signed-off-by: Sasha Levin --- security/smack/smack_lsm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 4f65d953fe318..a09a9c6bbdf63 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4612,7 +4612,7 @@ static int smack_inode_copy_up(struct dentry *dentry, struct cred **new) /* * Get label from overlay inode and set it in create_sid */ - isp = d_inode(dentry->d_parent)->i_security; + isp = d_inode(dentry)->i_security; skp = isp->smk_inode; tsp->smk_task = skp; *new = new_creds; -- 2.40.1