From: Jeff Layton <jlayton@kernel.org>
Date: Tue, 6 Aug 2019 14:41:40 +0000 (-0400)
Subject: ceph: only set CEPH_I_SEC_INITED if we got a MAC label
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=026105ebb0364fb2155ef3eba65f250efc7aeb45;p=linux.git

ceph: only set CEPH_I_SEC_INITED if we got a MAC label

__ceph_getxattr will set the CEPH_I_SEC_INITED flag whenever it gets
any xattr that starts with "security.". We only want to set that flag
when fetching the MAC label for the currently-active LSM, however.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---

diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
index 5c608caf0190b..410eaf1ba2112 100644
--- a/fs/ceph/xattr.c
+++ b/fs/ceph/xattr.c
@@ -892,7 +892,8 @@ ssize_t __ceph_getxattr(struct inode *inode, const char *name, void *value,
 	memcpy(value, xattr->val, xattr->val_len);
 
 	if (current->journal_info &&
-	    !strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN))
+	    !strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) &&
+	    security_ismaclabel(name + XATTR_SECURITY_PREFIX_LEN))
 		ci->i_ceph_flags |= CEPH_I_SEC_INITED;
 out:
 	spin_unlock(&ci->i_ceph_lock);