| author | Casey Schaufler <casey@schaufler-ca.com> | 2026-03-22 11:04:06 -0700 |
|---|---|---|
| committer | Casey Schaufler <casey@schaufler-ca.com> | 2026-03-23 08:24:15 -0700 |
| commit | b2faddc13112489f8f11eb40b9456db8c1b58362 (patch) | |
| tree | d20e72921463b3ec34d7b29e59f1ad8dc2b0db5d /security | |
| parent | f338e77383789c0cae23ca3d48adcc5e9e137e3c (diff) | |
| download | linux-next-history-b2faddc13112489f8f11eb40b9456db8c1b58362.tar.gz | |
Smack: Fix error in capability bypass

A bug in smack_inode_xattr_skipcap() was introduced in the inode
capability handling. The strncmp guard at the top of the function
is coded backwards, resulting in consistently incorrect results.
Correct the check, and the code functions as it should. The error
manifests as requiring CAP_SYS_ADMIN as well as CAP_MAC_ADMIN to
change an inode's MAC attributes.

Fixes: 61df7b828204 ("lsm: fixup the inode xattr capability handling")
Reported-by: Bumjin Im <imbumjin@gmail.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/smack/smack_lsm.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 98af9d7b94346..f4ef840b203ea 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1312,7 +1312,7 @@ static int smack_inode_getattr(const struct path *path) */ static int smack_inode_xattr_skipcap(const char *name) { - if (strncmp(name, XATTR_SMACK_SUFFIX, strlen(XATTR_SMACK_SUFFIX))) + if (strncmp(name, XATTR_SMACK_SUFFIX, strlen(XATTR_SMACK_SUFFIX)) == 0) return 0; if (strcmp(name, XATTR_NAME_SMACK) == 0 || |
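Review bot: The guard at the top of smack_inode_xattr_skipcap() still tests the name against XATTR_SMACK_SUFFIX, while the comparison directly below it matches the full name XATTR_NAME_SMACK, so it is worth checking what the guard is meant to filter after this change. With "== 0" the early "return 0" is taken only when the name begins with the suffix string itself, and such a name could not equal XATTR_NAME_SMACK in the strcmp() chain anyway, assuming the usual definition of the full name as the security prefix followed by the suffix. If that holds, the guard no longer affects the result and the function would behave the same with it removed. If it is intended as a fast path that rejects non-Smack attributes, it would need to compare against the full-name prefix and return 0 on a mismatch. Either way, a one-line comment above the strncmp() stating which names it is meant to exclude would help prevent another inversion. It would also be worth noting in the changelog how the fix was exercised, for example by setting a Smack attribute with CAP_MAC_ADMIN but without CAP_SYS_ADMIN, since the function returned the wrong answer consistently without being noticed.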
