This patch provide changes in order to allow uid/gid/mode changes for inode without xattr support. Signed-off-by: Mikhail Kurinnoi <viewizard@xxxxxxxxxxxxx> security/integrity/evm/evm_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 9826c02e2db8..e365ea39a3ed 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -431,7 +431,8 @@ int evm_inode_setattr(struct dentry *dentry, struct iattr *attr) unsigned int ia_valid = attr->ia_valid; enum integrity_status evm_status; - if (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))) + if (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID)) || + !(d_backing_inode(dentry)->i_opflags & IOP_XATTR)) return 0; evm_status = evm_verify_current_integrity(dentry); if ((evm_status == INTEGRITY_PASS) ||
