smack: Retrieve transmuting information in smack_inode_getsecurity()

Enhance smack_inode_getsecurity() to retrieve the value for
SMACK64TRANSMUTE from the inode security blob, similarly to SMACK64.

This helps to display accurate values in the situation where the security
labels come from mount options and not from xattrs.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
This commit is contained in:
Roberto Sassu 2023-05-08 19:02:33 +02:00 committed by Casey Schaufler
parent ac9a78681b
commit 3a3d8fce31
1 changed files with 18 additions and 4 deletions

View File

@ -1463,10 +1463,19 @@ static int smack_inode_getsecurity(struct mnt_idmap *idmap,
struct super_block *sbp;
struct inode *ip = inode;
struct smack_known *isp;
struct inode_smack *ispp;
size_t label_len;
char *label = NULL;
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0)
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
isp = smk_of_inode(inode);
else {
} else if (strcmp(name, XATTR_SMACK_TRANSMUTE) == 0) {
ispp = smack_inode(inode);
if (ispp->smk_flags & SMK_INODE_TRANSMUTE)
label = TRANS_TRUE;
else
label = "";
} else {
/*
* The rest of the Smack xattrs are only on sockets.
*/
@ -1488,13 +1497,18 @@ static int smack_inode_getsecurity(struct mnt_idmap *idmap,
return -EOPNOTSUPP;
}
if (!label)
label = isp->smk_known;
label_len = strlen(label);
if (alloc) {
*buffer = kstrdup(isp->smk_known, GFP_KERNEL);
*buffer = kstrdup(label, GFP_KERNEL);
if (*buffer == NULL)
return -ENOMEM;
}
return strlen(isp->smk_known);
return label_len;
}