Patch "ceph: set sec_context xattr on symlink creation" has been added to the 5.7-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Wed, 19 Aug 2020 15:06:47 +0200

This is a note to let you know that I've just added the patch titled

    ceph: set sec_context xattr on symlink creation

to the 5.7-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ceph-set-sec_context-xattr-on-symlink-creation.patch
and it can be found in the queue-5.7 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From b748fc7a8763a5b3f8149f12c45711cd73ef8176 Mon Sep 17 00:00:00 2001
From: Jeff Layton <jlayton@xxxxxxxxxx>
Date: Tue, 28 Jul 2020 10:34:20 -0400
Subject: ceph: set sec_context xattr on symlink creation

From: Jeff Layton <jlayton@xxxxxxxxxx>

commit b748fc7a8763a5b3f8149f12c45711cd73ef8176 upstream.

Symlink inodes should have the security context set in their xattrs on
creation. We already set the context on creation, but we don't attach
the pagelist. The effect is that symlink inodes don't get an SELinux
context set on them at creation, so they end up unlabeled instead of
inheriting the proper context. Make it do so.

Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
Reviewed-by: Ilya Dryomov <idryomov@xxxxxxxxx>
Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 fs/ceph/dir.c |    4 ++++
 1 file changed, 4 insertions(+)

--- a/fs/ceph/dir.c
+++ b/fs/ceph/dir.c
@@ -924,6 +924,10 @@ static int ceph_symlink(struct inode *di
 	req->r_num_caps = 2;
 	req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL;
 	req->r_dentry_unless = CEPH_CAP_FILE_EXCL;
+	if (as_ctx.pagelist) {
+		req->r_pagelist = as_ctx.pagelist;
+		as_ctx.pagelist = NULL;
+	}
 	err = ceph_mdsc_do_request(mdsc, dir, req);
 	if (!err && !req->r_reply_info.head->is_dentry)
 		err = ceph_handle_notrace_create(dir, dentry);


Patches currently in stable-queue which might be from jlayton@xxxxxxxxxx are

queue-5.7/ceph-set-sec_context-xattr-on-symlink-creation.patch
queue-5.7/ceph-handle-zero-length-feature-mask-in-session-messages.patch






