Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull SELinux fixes from James Morris.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
selinux: selinux_setprocattr()->ptrace_parent() needs rcu_read_lock()
selinux: fix broken peer recv check
+5
-3
+5
-3
security/selinux/hooks.c
+5
-3
security/selinux/hooks.c
···
4334
4334
}
4335
4335
err = avc_has_perm(sk_sid, peer_sid, SECCLASS_PEER,
4336
4336
PEER__RECV, &ad);
4337
-
if (err)
4337
+
if (err) {
4338
4338
selinux_netlbl_err(skb, err, 0);
4339
+
return err;
4340
+
}
4339
4341
}
4340
4342
4341
4343
if (secmark_active) {
···
5588
5586
/* Check for ptracing, and update the task SID if ok.
5589
5587
Otherwise, leave SID unchanged and fail. */
5590
5588
ptsid = 0;
5591
-
task_lock(p);
5589
+
rcu_read_lock();
5592
5590
tracer = ptrace_parent(p);
5593
5591
if (tracer)
5594
5592
ptsid = task_sid(tracer);
5595
-
task_unlock(p);
5593
+
rcu_read_unlock();
5596
5594
5597
5595
if (tracer) {
5598
5596
error = avc_has_perm(ptsid, sid, SECCLASS_PROCESS,