Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull SELinux fixes from James Morris.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
SELinux: Fix kernel BUG on empty security contexts.
selinux: add SOCK_DIAG_BY_FAMILY to the list of netlink message types

Linus Torvalds 12 years ago cd63204c f94aa7c7

2 changed files

expand all

security

selinux

nlmsgtab.c

services.c

security/selinux/nlmsgtab.c

··· 17 17 #include <linux/inet_diag.h> 18 18 #include <linux/xfrm.h> 19 19 #include <linux/audit.h> 20 + #include <linux/sock_diag.h> 20 21 21 22 #include "flask.h" 22 23 #include "av_permissions.h" ··· 79 78 { 80 79 { TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, 81 80 { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, 81 + { SOCK_DIAG_BY_FAMILY, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, 82 82 }; 83 83 84 84 static struct nlmsg_perm nlmsg_xfrm_perms[] =

security/selinux/ss/services.c

··· 1232 1232 struct context context; 1233 1233 int rc = 0; 1234 1234 1235 + /* An empty security context is never valid. */ 1236 + if (!scontext_len) 1237 + return -EINVAL; 1238 + 1235 1239 if (!ss_initialized) { 1236 1240 int i; 1237 1241

Configure Feed

Configure Feed