Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-10 22:21:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
9e00c140f3
linux/drivers/target
History
Maurizio Lombardi 97a54ef596 scsi: target: Fix SELinux error when systemd-modules loads the target module 
If the systemd-modules service loads the target module, the credentials of
that userspace process will be used to validate the access to the target db
directory.  SELinux will prevent it, reporting an error like the following:

kernel: audit: type=1400 audit(1676301082.205:4): avc: denied  { read }
for  pid=1020 comm="systemd-modules" name="target" dev="dm-3"
ino=4657583 scontext=system_u:system_r:systemd_modules_load_t:s0
tcontext=system_u:object_r:targetd_etc_rw_t:s0 tclass=dir permissive=0

Fix the error by using the kernel credentials to access the db directory

Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
Link: https://lore.kernel.org/r/20240215143944.847184-2-mlombard@redhat.com
Reviewed-by: Mike Christie <michael.christie@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2024-04-05 21:37:54 -04:00
..
iscsi scsi: target: iscsi: Remove unused variable xfer_len 2024-03-10 18:01:34 -04:00
loopback scsi: target: tcm_loop: Make tcm_loop_lld_bus const 2024-02-05 20:58:55 -05:00
sbp scsi: target: Have drivers report if they support direct submissions 2023-10-13 15:53:57 -04:00
tcm_fc scsi: target: Have drivers report if they support direct submissions 2023-10-13 15:53:57 -04:00
tcm_remote scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
Kconfig scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
Makefile scsi: target: Add virtual remote target 2023-03-16 23:36:37 -04:00
target_core_alua.c scsi: target: core: Move core_alua_check_nonop_delay() call 2023-10-13 15:53:57 -04:00
target_core_alua.h
target_core_configfs.c scsi: target: Fix SELinux error when systemd-modules loads the target module 2024-04-05 21:37:54 -04:00
target_core_device.c scsi: target: core: Add TMF to tmr_list handling 2024-01-11 21:43:06 -05:00
target_core_fabric_configfs.c scsi: target: Export fabric driver direct submit settings 2023-10-13 15:53:58 -04:00
target_core_fabric_lib.c
target_core_file.c scsi: target: Rename sbc_ops to exec_cmd_ops 2023-04-11 21:55:36 -04:00
target_core_file.h
target_core_hba.c
target_core_iblock.c target: port block device access to file 2024-02-25 12:05:25 +01:00
target_core_iblock.h target: port block device access to file 2024-02-25 12:05:25 +01:00
target_core_internal.h Merge patch series "target: TMF and recovery fixes" 2023-03-24 17:39:15 -04:00
target_core_pr.c scsi: target: Enable READ CAPACITY for PR EARO 2023-12-05 21:01:52 -05:00
target_core_pr.h
target_core_pscsi.c vfs-6.9.super 2024-03-11 10:52:34 -07:00
target_core_pscsi.h target: port block device access to file 2024-02-25 12:05:25 +01:00
target_core_rd.c scsi: target: Rename sbc_ops to exec_cmd_ops 2023-04-11 21:55:36 -04:00
target_core_rd.h
target_core_sbc.c scsi: target: Rename sbc_ops to exec_cmd_ops 2023-04-11 21:55:36 -04:00
target_core_spc.c Merge patch series "Use block pr_ops in LIO" 2023-05-22 16:35:02 -04:00
target_core_stat.c scsi: target: core: Use RTPI from target port 2023-03-09 21:29:23 -05:00
target_core_tmr.c scsi: target: Fix multiple LUN_RESET handling 2023-03-24 17:32:23 -04:00
target_core_tpg.c Merge patch series "target: TMF and recovery fixes" 2023-03-24 17:39:15 -04:00
target_core_transport.c scsi: target: core: Add TMF to tmr_list handling 2024-01-11 21:43:06 -05:00
target_core_ua.c
target_core_ua.h
target_core_user.c scsi: target: tcmu: Annotate struct tcmu_tmr with __counted_by 2023-09-27 11:28:48 -04:00
target_core_xcopy.c pid: Split out pid_types.h 2023-12-20 19:26:31 -05:00
target_core_xcopy.h scsi: target: core: Change the way target_xcopy_do_work() sets restiction on max I/O 2022-11-24 02:16:19 +00:00