summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2014-03-05 21:47:37 +0400
committerJames Morris <james.l.morris@oracle.com>2014-03-07 04:50:01 +0400
commitd4a141c8e77043bd674dd6aa0b40bc3675cb7b1d (patch)
treec2316156f377d13be833690ebc06b7c3719b24f0
parent864f32a52b53341c54a25953afb5b66ed79a7f76 (diff)
downloadlinux-d4a141c8e77043bd674dd6aa0b40bc3675cb7b1d.tar.xz
security: have cap_dentry_init_security return error
Currently, cap_dentry_init_security returns 0 without actually initializing the security label. This confuses its only caller (nfs4_label_init_security) which expects an error in that situation, and causes it to end up sending out junk onto the wire instead of simply suppressing the label in the attributes sent. When CONFIG_SECURITY is disabled, security_dentry_init_security returns -EOPNOTSUPP. Have cap_dentry_init_security do the same. Signed-off-by: Jeff Layton <jlayton@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
-rw-r--r--security/capability.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/capability.c b/security/capability.c
index 8b4f24ae4338..9323bbeba296 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -116,7 +116,7 @@ static int cap_dentry_init_security(struct dentry *dentry, int mode,
struct qstr *name, void **ctx,
u32 *ctxlen)
{
- return 0;
+ return -EOPNOTSUPP;
}
static int cap_inode_alloc_security(struct inode *inode)