selinux: do not check open perm on ftruncate call
Use the ATTR_FILE attribute to distinguish between truncate()
and ftruncate() system calls. The two other cases where
do_truncate is called with a filp (and therefore ATTR_FILE is set)
are for coredump files and for open(O_TRUNC). In both of those cases
the open permission has already been checked during file open and
therefore does not need to be repeated.
Commit
95dbf739313f ("SELinux: check OPEN on truncate calls")
fixed a major issue where domains were allowed to truncate files
without the open permission. However, it introduced a new bug where
a domain with the write permission can no longer ftruncate files
without the open permission, even when they receive an already open
file.
(cherry picked from commit
b21800f304392ee5d20f411c37470183cc779f11)
Bug:
22567870
Change-Id: Id7c305e46beba5091c2c777529bd468216aae1c3
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
(cherry picked from commit
df46bc83c1fc9b64b2e86290935a3ad550b2e56e)
projects / firefly-linux-kernel-4.4.55.git / commit