jepler/odroid-linux
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
odroid-linux/net/netlabel
History
Paul Moore 54ba13b901 netlabel: improve domain mapping validation 
[ Upstream commit 6b21e1b77d ]

The net/netlabel/netlabel_domainhash.c:netlbl_domhsh_add() function
does not properly validate new domain hash entries resulting in
potential problems when an administrator attempts to add an invalid
entry.  One such problem, as reported by Vlad Halilov, is a kernel
BUG (found in netlabel_domainhash.c:netlbl_domhsh_audit_add()) when
adding an IPv6 outbound mapping with a CIPSO configuration.

This patch corrects this problem by adding the necessary validation
code to netlbl_domhsh_add() via the newly created
netlbl_domhsh_validate() function.

Ideally this patch should also be pushed to the currently active
-stable trees.

Reported-by: Vlad Halilov <vlad.halilov@gmail.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-06-27 10:34:32 -07:00
..
Kconfig
Makefile
netlabel_addrlist.c
netlabel_addrlist.h Remove prefetch() from <linux/skbuff.h> and "netlabel_addrlist.h" 2011-05-22 21:43:41 -07:00
netlabel_cipso_v4.c netlabel: Fix set-but-unused variables. 2011-04-17 17:01:49 -07:00
netlabel_cipso_v4.h
netlabel_domainhash.c netlabel: improve domain mapping validation 2013-06-27 10:34:32 -07:00
netlabel_domainhash.h
netlabel_kapi.c
netlabel_mgmt.c Fix common misspellings 2011-03-31 11:26:23 -03:00
netlabel_mgmt.h
netlabel_unlabeled.c netlabel: correctly list all the static label mappings 2013-03-20 12:58:54 -07:00
netlabel_unlabeled.h
netlabel_user.c
netlabel_user.h netlink: kill loginuid/sessionid/sid members from struct netlink_skb_parms 2011-03-03 10:55:40 -08:00