summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c10
-rw-r--r--security/smack/smack_lsm.c3
2 files changed, 3 insertions, 10 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 17e6640bbf5b..55c78c318ccd 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3356,15 +3356,9 @@ static int selinux_inode_listxattr(struct dentry *dentry)
static int selinux_inode_removexattr(struct mnt_idmap *idmap,
struct dentry *dentry, const char *name)
{
- if (strcmp(name, XATTR_NAME_SELINUX)) {
- int rc = cap_inode_removexattr(idmap, dentry, name);
- if (rc)
- return rc;
-
- /* Not an attribute we recognize, so just check the
- ordinary setattr permission. */
+ /* if not a selinux xattr, only check the ordinary setattr perm */
+ if (strcmp(name, XATTR_NAME_SELINUX))
return dentry_has_perm(current_cred(), dentry, FILE__SETATTR);
- }
if (!selinux_initialized())
return 0;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 1833bd50d97a..7d6d58868775 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1461,8 +1461,7 @@ static int smack_inode_removexattr(struct mnt_idmap *idmap,
strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
if (!smack_privileged(CAP_MAC_ADMIN))
rc = -EPERM;
- } else
- rc = cap_inode_removexattr(idmap, dentry, name);
+ }
if (rc != 0)
return rc;
generated by cgit v1.2.3 (git 2.39.0) at 2024-11-29 11:47:35 +0300