[PATCH 1/1] SELINUX: Bug fix in security_sid_mls

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 1/1] SELINUX: Bug fix in security_sid_mls_copy
@ 2006-09-19  0:33 Venkat Yekkirala
  2006-09-19 12:40 ` Stephen Smalley
  0 siblings, 1 reply; 2+ messages in thread
From: Venkat Yekkirala @ 2006-09-19  0:33 UTC (permalink / raw)
  To: selinux, sds; +Cc: chanson, jbrindle

The following fixes a bug where random mem is being tampered
with in the non-mls case; encountered by Jashua Brindle on a
gentoo box.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
---

PS: NOT SURE IF THIS ALSO NEEDS TO BE SENT TO NETDEV. PLEASE LET
ME KNOW IF I SHOULD.

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 27ee28c..7eb69a6 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1841,7 +1841,7 @@ int security_sid_mls_copy(u32 sid, u32 m
 	u32 len;
 	int rc = 0;
 
-	if (!ss_initialized) {
+	if (!ss_initialized || !selinux_mls_enabled) {
 		*new_sid = sid;
 		goto out;
 	}

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH 1/1] SELINUX: Bug fix in security_sid_mls_copy
  2006-09-19  0:33 [PATCH 1/1] SELINUX: Bug fix in security_sid_mls_copy Venkat Yekkirala
@ 2006-09-19 12:40 ` Stephen Smalley
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2006-09-19 12:40 UTC (permalink / raw)
  To: Venkat Yekkirala; +Cc: Eric Paris, James Morris, selinux, chanson, jbrindle

On Mon, 2006-09-18 at 19:33 -0500, Venkat Yekkirala wrote:
> The following fixes a bug where random mem is being tampered
> with in the non-mls case; encountered by Jashua Brindle on a
> gentoo box.
> 
> Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>

Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>

> ---
> 
> PS: NOT SURE IF THIS ALSO NEEDS TO BE SENT TO NETDEV. PLEASE LET
> ME KNOW IF I SHOULD.

Yes.  Note that it is for 2.6.19 as well as a bug fix for the prior
patches.

> 
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 27ee28c..7eb69a6 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -1841,7 +1841,7 @@ int security_sid_mls_copy(u32 sid, u32 m
>  	u32 len;
>  	int rc = 0;
>  
> -	if (!ss_initialized) {
> +	if (!ss_initialized || !selinux_mls_enabled) {
>  		*new_sid = sid;
>  		goto out;
>  	}
-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2006-09-19 12:40 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-19  0:33 [PATCH 1/1] SELINUX: Bug fix in security_sid_mls_copy Venkat Yekkirala
2006-09-19 12:40 ` Stephen Smalley

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.