fs.xattr.simple.noaudit.v6.2

-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEkJ7fqygL5xE8uB3PUwOZruX0MckFAmOTX7AACgkQUwOZruX0
 MclZNgf/XAoQbNRkB0H8oi3CS7RWl0iBlmPLKtNo39NuNgW6RCDY4F9rYt6F+dfq
 P4EuYayZwYw9g/JotEVXtg6Sp7FINKHkMMvlvwa+VsN1fPVM1AbD4mos5imDsj0f
 tkDVNXHsEOIc2tq0Ov9KUARCN59WpjV5dS0YQmCEsABIJQ1yu9FbCfm6WX3tH4Wd
 l+z6SSU38ZjQw4fSsc4rEqxf3imynCz9fVJYdfUKsg5WH7TswBQbYEAExMPhd6df
 qioM1t9u/nBFhOjw1VVgElx7PUijANczyiatU00jNRbMjCLlZcs5yjvv5XTgfRIe
 u2UJZJB0+6eTqAjA8neC4Z6eKnezwQ==
 =Cizh
 -----END PGP SIGNATURE-----

Merge tag 'fs.xattr.simple.noaudit.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping

Pull xattr audit fix from Seth Forshee:
 "This is a single patch to remove auditing of the capability check in
  simple_xattr_list().

  This check is done to check whether trusted xattrs should be included
  by listxattr(2). SELinux will normally log a denial when capable() is
  called and the task's SELinux context doesn't have the corresponding
  capability permission allowed, which can end up spamming the log.

  Since a failed check here cannot be used to infer malicious intent,
  auditing is of no real value, and it makes sense to stop auditing the
  capability check"

* tag 'fs.xattr.simple.noaudit.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping:
  fs: don't audit the capability check in simple_xattr_list()
This commit is contained in:
Linus Torvalds 2022-12-12 20:29:45 -08:00
commit 07d7a4d696

View File

@ -1158,7 +1158,7 @@ static int xattr_list_one(char **buffer, ssize_t *remaining_size,
ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
char *buffer, size_t size)
{
bool trusted = capable(CAP_SYS_ADMIN);
bool trusted = ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN);
struct simple_xattr *xattr;
ssize_t remaining_size = size;
int err = 0;