[PATCH v3 stable/linux-6.12.y 0/3] Backport Fix incorrect overlayfs mmap() and mprotect() LSM access controls

Next message: Wang Han: "[PATCH v4 2/7] riscv: stacktrace: disable KASAN and KCOV instrumentation for stacktrace.o"
Previous message: Ekansh Gupta: "[PATCH RESEND] arm64: dts: qcom: hamoa: add audio PD remote heap region"
Next in thread: Cai Xinchen: "[PATCH v3 stable/linux-6.12.y 1/3] fs: constify file ptr in backing_file accessor helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Cai Xinchen

Date: Mon Jun 29 2026 - 02:42:38 EST

v3: Backport 4e301d858af17a ("fs: constify file ptr in backing_file
accessor helpers") to fix const-discard warnings

v2: Add static to struct kmem_cache *lsm_backing_file_cache; and define
lbs_backing_file as int for keeping the same type as 6.12.

Backport the patch series
"Fix incorrect overlayfs mmap() and mprotect() LSM access controls" [1]
to 6.12 lts

I test selinux-testsuite[2] overlay test, it pass 135 tests.

[1] https://lore.kernel.org/all/20260403030848.731867-5-paul@xxxxxxxxxxxxxx/
[2] https://github.com/SELinuxProject/selinux-testsuite

Amir Goldstein (1):
fs: constify file ptr in backing_file accessor helpers

Paul Moore (2):
lsm: add backing_file LSM hooks
selinux: fix overlayfs mmap() and mprotect() access checks

fs/backing-file.c | 22 ++-
fs/file_table.c | 40 +++--
fs/fuse/passthrough.c | 2 +-
fs/internal.h | 4 +-
fs/overlayfs/dir.c | 2 +-
fs/overlayfs/file.c | 3 +-
include/linux/backing-file.h | 4 +-
include/linux/fs.h | 19 ++-
include/linux/lsm_audit.h | 2 +-
include/linux/lsm_hook_defs.h | 5 +
include/linux/lsm_hooks.h | 1 +
include/linux/security.h | 22 +++
security/security.c | 109 ++++++++++++++
security/selinux/hooks.c | 242 ++++++++++++++++++++++--------
security/selinux/include/objsec.h | 11 ++
15 files changed, 398 insertions(+), 90 deletions(-)

--
2.18.0.huawei.25