diff options
author | Stephen Smalley <stephen.smalley.work@gmail.com> | 2024-10-04 13:27:10 -0400 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2024-10-07 16:39:49 -0400 |
commit | d7b6918e22c74f2b354d8dc0ef31ab17ae334b93 (patch) | |
tree | 7c1a3eef40d3cc8c52563aa0bb8644eac7169b18 /security | |
parent | 9aba55b1fbefcbba48333db3f2b77b086172a1cb (diff) |
selinux: Deprecate /sys/fs/selinux/user
The only known user of this interface was libselinux and its
internal usage of this interface for get_ordered_context_list(3)
was removed in Feb 2020, with a deprecation warning added to
security_compute_user(3) at the same time. Add a deprecation
warning to the kernel and schedule it for final removal in 2025.
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/selinuxfs.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e172f182b65c..234f4789b787 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1069,6 +1069,10 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) int rc; u32 i, len, nsids; + pr_warn_ratelimited("SELinux: %s (%d) wrote to /sys/fs/selinux/user!" + " This will not be supported in the future; please update your" + " userspace.\n", current->comm, current->pid); + length = avc_has_perm(current_sid(), SECINITSID_SECURITY, SECCLASS_SECURITY, SECURITY__COMPUTE_USER, NULL); |