[roll] Roll fuchsia [sestarnix] Revise handling of set/get/removexattr access checks
Access-checks for user, security, system and trusted attributes
are revised to align with the xattr(7) man page descriptions.
Discretionary capability and access checks are now made before any
LSM checks.
LSM checks are applied via check_fs_node_set/get_xattr_access with
the fs_node_set/getsecurity hooks responsible only for handling
actual updates or requests for the "security.selinux" attribute.
All other "security.*" attributes accesses are delegated to the
FsNode implementation to service via FsNodeOps::set/get_xattr().
Original-Bug: 450104899, 460215348
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1419934
Original-Revision: 04c97345ac22e6fc8b10f9f051a52cb3e3a332e3
GitOrigin-RevId: 1cd394af438f723393b73f6c73a06f8b1393d93e
Change-Id: Ifb92f170e6f7365cd8dc9321d83aceadeb7d4654
diff --git a/stem b/stem
index b9670e8..0e394e4 100644
--- a/stem
+++ b/stem
@@ -7,7 +7,7 @@
manifest="manifests/platform"
root=""
remote="https://fuchsia.googlesource.com/fuchsia"
- revision="cd79391e02af6e08bd34dbc48af8033d0e5711ba"/>
+ revision="04c97345ac22e6fc8b10f9f051a52cb3e3a332e3"/>
</imports>
<projects>
<project name="cobalt"
