redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/security/selinux
History
Paul Moore c807042f2d selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling 
[ Upstream commit 200ea5a229 ]

A previous fix, commit 83370b31a9 ("selinux: fix error initialization
in inode_doinit_with_dentry()"), changed how failures were handled
before a SELinux policy was loaded.  Unfortunately that patch was
potentially problematic for two reasons: it set the isec->initialized
state without holding a lock, and it didn't set the inode's SELinux
label to the "default" for the particular filesystem.  The later can
be a problem if/when a later attempt to revalidate the inode fails
and SELinux reverts to the existing inode label.

This patch should restore the default inode labeling that existed
before the original fix, without affecting the LABEL_INVALID marking
such that revalidation will still be attempted in the future.

Fixes: 83370b31a9 ("selinux: fix error initialization in inode_doinit_with_dentry()")
Reported-by: Sven Schnelle <svens@linux.ibm.com>
Tested-by: Sven Schnelle <svens@linux.ibm.com>
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-12-30 11:51:05 +01:00
..
include selinux: fall back to ref-walk if audit is required 2020-02-14 16:34:20 -05:00
ss selinux: fix double free 2020-06-24 17:50:48 +02:00
.gitignore SELinux: add .gitignore files for dynamic classes 2009-10-24 09:42:27 +08:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile SELinux: Remove unused selinux_is_enabled 2019-01-08 13:18:44 -08:00
avc.c selinux: ensure we cleanup the internal AVC counters on error in avc_update() 2020-02-24 08:36:39 +01:00
hooks.c selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling 2020-12-30 11:51:05 +01:00
ibpkey.c selinux: Fix error return code in sel_ib_pkey_sid_slow() 2020-11-18 19:20:30 +01:00
netif.c selinux/stable-5.4 PR 20190917 2019-09-23 11:21:04 -07:00
netlabel.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
netlink.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
netnode.c selinux/stable-5.4 PR 20190917 2019-09-23 11:21:04 -07:00
netport.c selinux/stable-5.4 PR 20190917 2019-09-23 11:21:04 -07:00
nlmsgtab.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
selinuxfs.c selinux: sel_avc_get_stat_idx should increase position index 2020-10-01 13:17:32 +02:00
xfrm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00