Smack: Repair processing of fcntl
authorCasey Schaufler <casey@schaufler-ca.com>
Mon, 19 Sep 2011 19:41:42 +0000 (12:41 -0700)
committerCasey Schaufler <cschaufler@cschaufler-intel.(none)>
Wed, 12 Oct 2011 21:24:28 +0000 (14:24 -0700)
commit531f1d453ed8a8acee4015bd64e7bcc2eab939e4
tree0dd06c1ecc894444c42350c76c5712899d2ddb78
parent272cd7a8c67dd40a31ecff76a503bbb84707f757
Smack: Repair processing of fcntl

Al Viro pointed out that the processing of fcntl done
by Smack appeared poorly designed. He was right. There
are three things that required change. Most obviously,
the list of commands that really imply writing is limited
to those involving file locking and signal handling.
The initialization if the file security blob was
incomplete, requiring use of a heretofore unused LSM hook.
Finally, the audit information coming from a helper
masked the identity of the LSM hook. This patch corrects
all three of these defects.

This is targeted for the smack-next tree pending comments.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
security/smack/smack_lsm.c