proc: Pass file mode to proc_pid_make_inode Pass the file mode of the proc inode to be created to proc_pid_make_inode. In proc_pid_make_inode, initialize inode->i_mode before calling security_task_to_inode. This allows selinux to set isec->sclass right away without introducing "half-initialized" inode security structs. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>

commit: db978da8fa1d0819b210c137d31a339149b88875 [log] [tgz]
author: Andreas Gruenbacher <agruenba@redhat.com> Thu Nov 10 22:18:28 2016 +0100
committer: Paul Moore <paul@paul-moore.com> Mon Nov 14 15:39:48 2016 -0500
tree: 877976508c0ebadc5372fecdb82f0e91121c1c1a
parent: 420591128cb206201dc444c2d42fb6f299b2ecd0 [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 1c07217..32beac8 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -3955,6 +3955,7 @@ static void selinux_task_to_inode(struct task_struct *p,
 	struct inode_security_struct *isec = inode->i_security;
 	u32 sid = task_sid(p);
 
+	isec->sclass = inode_mode_to_security_class(inode->i_mode);
 	isec->sid = sid;
 	isec->initialized = LABEL_INITIALIZED;
 }
commit	db978da8fa1d0819b210c137d31a339149b88875	[log] [tgz]
author	Andreas Gruenbacher <agruenba@redhat.com>	Thu Nov 10 22:18:28 2016 +0100
committer	Paul Moore <paul@paul-moore.com>	Mon Nov 14 15:39:48 2016 -0500
tree	877976508c0ebadc5372fecdb82f0e91121c1c1a
parent	420591128cb206201dc444c2d42fb6f299b2ecd0 [diff] [blame]