security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set
Commit 1e39f384bb01 ("evm: fix build problems") makes the stub version
of security_old_inode_init_security() return 0 when CONFIG_SECURITY is
not set.
But that makes callers such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len
arguments properly - but security_old_inode_init_security() left them
uninitialized which then results in interesting failures.
Revert security_old_inode_init_security() to the old behavior of
returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this
just fine.
[ Also fixed the S_PRIVATE(inode) case of the actual non-stub
security_old_inode_init_security() function to return EOPNOTSUPP
for the same reason, as pointed out by Mimi Zohar.
It got incorrectly changed to match the new function in commit
fb88c2b6cbb1: "evm: fix security/security_old_init_security return
code". - Linus ]
Reported-by: Jorge Bastos <[email protected]>
Acked-by: James Morris <[email protected]>
Acked-by: Mimi Zohar <[email protected]>
Signed-off-by: Jan Kara <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
diff --git a/include/linux/security.h b/include/linux/security.h
index 19d8e04..e8c619d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -2056,7 +2056,7 @@
char **name, void **value,
size_t *len)
{
- return 0;
+ return -EOPNOTSUPP;
}
static inline int security_inode_create(struct inode *dir,
diff --git a/security/security.c b/security/security.c
index 0c6cc69..e2f684a 100644
--- a/security/security.c
+++ b/security/security.c
@@ -381,7 +381,7 @@
void **value, size_t *len)
{
if (unlikely(IS_PRIVATE(inode)))
- return 0;
+ return -EOPNOTSUPP;
return security_ops->inode_init_security(inode, dir, qstr, name, value,
len);
}
