summaryrefslogtreecommitdiff
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f9d398bc9dcd..e15e56081c0c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2848,6 +2848,27 @@ static int selinux_dentry_init_security(struct dentry *dentry, int mode,
return security_sid_to_context(newsid, (char **)ctx, ctxlen);
}
+static int selinux_dentry_create_files_as(struct dentry *dentry, int mode,
+ struct qstr *name,
+ const struct cred *old,
+ struct cred *new)
+{
+ u32 newsid;
+ int rc;
+ struct task_security_struct *tsec;
+
+ rc = selinux_determine_inode_label(old->security,
+ d_inode(dentry->d_parent), name,
+ inode_mode_to_security_class(mode),
+ &newsid);
+ if (rc)
+ return rc;
+
+ tsec = new->security;
+ tsec->create_sid = newsid;
+ return 0;
+}
+
static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
const struct qstr *qstr,
const char **name,
@@ -6098,6 +6119,7 @@ static struct security_hook_list selinux_hooks[] = {
LSM_HOOK_INIT(sb_parse_opts_str, selinux_parse_opts_str),
LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security),
+ LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as),
LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security),
LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security),
generated by cgit v1.2.3 (git 2.39.0) at 2025-11-04 10:37:54 +0300