Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp4399613imm; Tue, 11 Sep 2018 11:14:52 -0700 (PDT) X-Google-Smtp-Source: ANB0VdYtZ35GH4BTfPCTsit8cZBei5VObLkvEFT9aAW8vJv2Af1bBmwG3XqVZaE5xGgVLrjsxHi+ X-Received: by 2002:a63:4e25:: with SMTP id c37-v6mr29456824pgb.6.1536689692729; Tue, 11 Sep 2018 11:14:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536689692; cv=none; d=google.com; s=arc-20160816; b=m2IXnNGP1VALTCNUqsF4fH6n4I3iqpzLlfGvN+73Wvrma4es28WCEnt09NxIk91me0 G+kqQEAIeWB//D/QOszL/h3LFfO+7lIPw2xOonsO1vs9RDN/wNOOjhN6hs9qYz5KKD21 JOYLbg1QJqX2nWTVQa0mVnSha1sQtPY4WLGovOLvaecYa7htpQJ6GCbM8gIIRVrZHdYy 7SNMc2HyBxgoJacxpZWmFwFaGHBVpVP5L/u9MoK7CY92MSc8i10jO0GLe4wWgY21AD0i orx+dLA0WIV3rYIcU5IgtfCSlI+K31zVSvOfGQl978CUESVY4ZRPot+88nMeQKFv/fkl J5JQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:date:cc:to:from:subject :message-id; bh=/O2GHbo5YWt4royxkfRjF9LEtbOzpQrmHMyW1yfwJdU=; b=I73NVPgZaNUPI9kfTMbxLocgCthcVIytN7IWCskjSKwlYyTvqQ7T3GAfUAGZpMA/oj nhCskGkt8gSa24eY4JN0KJrRysqnyxKWzX1jMxvBurDqkVfHFeyak6+msefs9H2LgSlY qMMVETjhE75PV+0rvTTNjyR55rDJNY2ICq7zxE+a5H5N5conxHgu7BiIU2H2oXVDwmAb WWtDait4M5vKQjWCbiy+IBRZQw1lY5Z7ABI3DrDQZSQuOBQ+nXks4AoDIrL7weGJs2aO EGXQsKIlKf3o4/6dD0eqAVq0ImSSj2G7f6OED2NQTtFT6SfNseWI+tJ0JVq3vXEUiZ/D QrGA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=codethink.co.uk Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x12-v6si21586900pgj.175.2018.09.11.11.14.35; Tue, 11 Sep 2018 11:14:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=codethink.co.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728135AbeIKXOm (ORCPT + 99 others); Tue, 11 Sep 2018 19:14:42 -0400 Received: from imap1.codethink.co.uk ([176.9.8.82]:50421 "EHLO imap1.codethink.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726689AbeIKXOm (ORCPT ); Tue, 11 Sep 2018 19:14:42 -0400 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126] helo=xylophone) by imap1.codethink.co.uk with esmtpsa (Exim 4.84_2 #1 (Debian)) id 1fznAu-0008EX-Ey; Tue, 11 Sep 2018 19:14:08 +0100 Message-ID: <1536689647.3024.129.camel@codethink.co.uk> Subject: Re: [PATCH 4.4 22/79] Smack: Mark inode instant in smack_task_to_inode From: Ben Hutchings To: Casey Schaufler , James Morris Cc: stable@vger.kernel.org, Sasha Levin , Greg Kroah-Hartman , LKML Date: Tue, 11 Sep 2018 19:14:07 +0100 In-Reply-To: <20180823074920.150267602@linuxfoundation.org> References: <20180823074918.641878835@linuxfoundation.org> <20180823074920.150267602@linuxfoundation.org> Organization: Codethink Ltd. Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.22.6-1+deb9u1 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2018-08-23 at 09:52 +0200, Greg Kroah-Hartman wrote: > 4.4-stable review patch.  If anyone has any objections, please let me know. > > ------------------ > > From: Casey Schaufler > > [ Upstream commit 7b4e88434c4e7982fb053c49657e1c8bbb8692d9 ] > > Smack: Mark inode instant in smack_task_to_inode > > /proc clean-up in commit 1bbc55131e59bd099fdc568d3aa0b42634dbd188 That change ("/proc clean-up") only went into 4.18 and hasn't been backported to stable, so does this make sense for earlier stable branches? Ben. > resulted in smack_task_to_inode() being called before smack_d_instantiate. > This resulted in the smk_inode value being ignored, even while present > for files in /proc/self. Marking the inode as instant here fixes that. > > Signed-off-by: Casey Schaufler > Signed-off-by: James Morris > Signed-off-by: Sasha Levin > Signed-off-by: Greg Kroah-Hartman > --- >  security/smack/smack_lsm.c |    1 + >  1 file changed, 1 insertion(+) > > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -2260,6 +2260,7 @@ static void smack_task_to_inode(struct t >   struct smack_known *skp = smk_of_task_struct(p); >   >   isp->smk_inode = skp; > + isp->smk_flags |= SMK_INODE_INSTANT; >  } >   >  /* > > > -- Ben Hutchings, Software Developer   Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom