diff options
| author |   Darrick J. Wong <djwong@kernel.org> | 2022-02-25 16:18:30 -0800 |
|---|---|---|
| committer | Darrick J. Wong <djwong@kernel.org> | 2022-03-09 10:32:06 -0800 |
| commit | eba0549bc7d100691c13384b774346b8aa9cf9a9 (patch) | |
| tree | 1be2c9ccae0253dc7e6b184a309657abf2e48036 /fs/xfs/xfs_iops.c | |
| parent | xfs: add missing cmap->br_state = XFS_EXT_NORM update (diff) | |
| download | linux-dev-eba0549bc7d100691c13384b774346b8aa9cf9a9.tar.xz linux-dev-eba0549bc7d100691c13384b774346b8aa9cf9a9.zip | |
xfs: don't generate selinux audit messages for capability testing
There are a few places where we test the current process' capability set
to decide if we're going to be more or less generous with resource
acquisition for a system call. If the process doesn't have the
capability, we can continue the call, albeit in a degraded mode.
These are /not/ the actual security decisions, so it's not proper to use
capable(), which (in certain selinux setups) causes audit messages to
get logged. Switch them to has_capability_noaudit.
Fixes: 7317a03df703f ("xfs: refactor inode ownership change transaction/inode/quota allocation idiom")
Fixes: ea9a46e1c4925 ("xfs: only return detailed fsmap info if the caller has CAP_SYS_ADMIN")
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Cc: Dave Chinner <david@fromorbit.com>
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Diffstat (limited to 'fs/xfs/xfs_iops.c')
| -rw-r--r-- | fs/xfs/xfs_iops.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index b79b3846e71b..a65217f787cf 100644 --- a/fs/xfs/xfs_iops.c +++ b/fs/xfs/xfs_iops.c @@ -723,7 +723,7 @@ xfs_setattr_nonsize( } error = xfs_trans_alloc_ichange(ip, udqp, gdqp, NULL, - capable(CAP_FOWNER), &tp); + has_capability_noaudit(current, CAP_FOWNER), &tp); if (error) goto out_dqrele; |