Re: [PATCH RESEND] xfs: don't generate selinux audit messages for capability testing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Mar 03, 2022 at 11:21:00AM -0600, Eric Sandeen wrote:
> On 2/28/22 8:50 PM, Darrick J. Wong wrote:
> > From: Darrick J. Wong <djwong@xxxxxxxxxx>
> > 
> > There are a few places where we test the current process' capability set
> > to decide if we're going to be more or less generous with resource
> > acquisition for a system call.  If the process doesn't have the
> > capability, we can continue the call, albeit in a degraded mode.
> > 
> > These are /not/ the actual security decisions, so it's not proper to use
> > capable(), which (in certain selinux setups) causes audit messages to
> > get logged.  Switch them to has_capability_noaudit.
> > 
> > Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx>
> > Cc: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
> > Cc: Dave Chinner <david@xxxxxxxxxxxxx>
> 
> Thanks Darrick. This looks technically correct to me as well.
> 
> You might want to add a:
> 
> Fixes: 7317a03df703f ("xfs: refactor inode ownership change transaction/inode/quota allocation idiom")
> 
> because I /think/ that's the commit that moved the capable() checks out
> from under quota tests, and made the problem more visible.
> 
> And maybe:
> 
> Fixes: ea9a46e1c4925 ("xfs: only return detailed fsmap info if the caller has CAP_SYS_ADMIN")
> 
> as well?
> 
> It's not strictly fixing the former; AFAICT the problem existed when quota was
> enabled already, so I'll leave all that to your discretion.
> 
> Reviewed-by: Eric Sandeen <sandeen@xxxxxxxxxx>

Thank you.

--D

> Thanks,
> -Eric



[Index of Archives]     [XFS Filesystem Development (older mail)]     [Linux Filesystem Development]     [Linux Audio Users]     [Yosemite Trails]     [Linux Kernel]     [Linux RAID]     [Linux SCSI]


  Powered by Linux