Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 172f993a authored Jul 30, 2012 by Linus Torvalds

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem bugfixes from James Morris.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  selinux: fix selinux_inode_setxattr oops
  KEYS: linux/key-type.h needs linux/errno.h
  smack: off by one error

parents 7272c30b e3fea3f7

include/linux/key-type.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -13,6 +13,7 @@
		#define _LINUX_KEY_TYPE_H

		#include <linux/key.h>
		#include <linux/errno.h>

		#ifdef CONFIG_KEYS

security/selinux/hooks.c

+10 −5

Original line number	Diff line number	Diff line
		@@ -2791,11 +2791,16 @@ static int selinux_inode_setxattr(struct dentry dentry, const char name,

		/* We strip a nul only if it is at the end, otherwise the
		* context contains a nul and we should audit that */
		if (value) {
		str = value;
		if (str[size - 1] == '\0')
		audit_size = size - 1;
		else
		audit_size = size;
		} else {
		str = "";
		audit_size = 0;
		}
		ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR);
		audit_log_format(ab, "op=setxattr invalid_context=");
		audit_log_n_untrustedstring(ab, value, audit_size);

security/smack/smackfs.c

+4 −4

Original line number	Diff line number	Diff line
		@@ -323,11 +323,11 @@ static int smk_parse_long_rule(const char data, struct smack_rule rule,
		int datalen;
		int rc = -1;

		/*
		* This is probably inefficient, but safe.
		*/
		/* This is inefficient */
		datalen = strlen(data);
		subject = kzalloc(datalen, GFP_KERNEL);

		/* Our first element can be 64 + \0 with no spaces */
		subject = kzalloc(datalen + 1, GFP_KERNEL);
		if (subject == NULL)
		return -1;
		object = kzalloc(datalen, GFP_KERNEL);