Re: [PATCH 1/1] selinux: Add xfs quota command types

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Feb 20, 2020 at 10:32 AM Richard Haines
<richard_c_haines@xxxxxxxxxxxxxx> wrote:
>
> Add Q_XQUOTAOFF, Q_XQUOTAON and Q_XSETQLIM to trigger filesystem quotamod
> permission check.
>
> Add Q_XGETQUOTA, Q_XGETQSTAT, Q_XGETQSTATV and Q_XGETNEXTQUOTA to trigger
> filesystem quotaget permission check.
>
> Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
> ---
>  security/selinux/hooks.c | 7 +++++++
>  1 file changed, 7 insertions(+)

Thanks Richard, I've merged this into selinux/next.

> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 46a8f3e7d..974228313 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -2145,11 +2145,18 @@ static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)
>         case Q_QUOTAOFF:
>         case Q_SETINFO:
>         case Q_SETQUOTA:
> +       case Q_XQUOTAOFF:
> +       case Q_XQUOTAON:
> +       case Q_XSETQLIM:
>                 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);
>                 break;
>         case Q_GETFMT:
>         case Q_GETINFO:
>         case Q_GETQUOTA:
> +       case Q_XGETQUOTA:
> +       case Q_XGETQSTAT:
> +       case Q_XGETQSTATV:
> +       case Q_XGETNEXTQUOTA:
>                 rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);
>                 break;
>         default:
> --
> 2.24.1

-- 
paul moore
www.paul-moore.com



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux