Paul Moore
2014-10-13 15:57:24 UTC
Hi James,
One more small SELinux fix that should go into 3.18, if not during the merge
window then during the -rc period. Stephen wrote a nice patch description
which describes the problem, but it basically boils down to a race condition
that could result in a corrupted SELinux inode security blob/list. It is a
pretty difficult thing to reproduce, but the fix is obviously correct and
rather straightforward.
While I wouldn't expect any problems, for the sake of completeness I ran the
patch through the SELinux testsuite and it passed with flying colors.
Thanks,
-Paul
P.S. Somewhat related, as should be obvious from the weekend's exchange with
Linus, I'm not going to be updating/merging the SELinux next branch beyond
v3.16 unless I start to see problems accepting new patches (either through
interface or logic changes).
---
The following changes since commit e7387395a07d788f80d011baa8ec6beba2bc747c:
selinux: normalize audit log formatting (2014-10-06 11:57:25 -0400)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux stable-3.18
for you to fetch changes up to 7c66bdc72bc3d792886c42bbab4b214c1fe536e0:
selinux: fix inode security list corruption (2014-10-06 16:32:52 -0400)
----------------------------------------------------------------
Stephen Smalley (1):
selinux: fix inode security list corruption
security/selinux/hooks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
One more small SELinux fix that should go into 3.18, if not during the merge
window then during the -rc period. Stephen wrote a nice patch description
which describes the problem, but it basically boils down to a race condition
that could result in a corrupted SELinux inode security blob/list. It is a
pretty difficult thing to reproduce, but the fix is obviously correct and
rather straightforward.
While I wouldn't expect any problems, for the sake of completeness I ran the
patch through the SELinux testsuite and it passed with flying colors.
Thanks,
-Paul
P.S. Somewhat related, as should be obvious from the weekend's exchange with
Linus, I'm not going to be updating/merging the SELinux next branch beyond
v3.16 unless I start to see problems accepting new patches (either through
interface or logic changes).
---
The following changes since commit e7387395a07d788f80d011baa8ec6beba2bc747c:
selinux: normalize audit log formatting (2014-10-06 11:57:25 -0400)
are available in the git repository at:
git://git.infradead.org/users/pcmoore/selinux stable-3.18
for you to fetch changes up to 7c66bdc72bc3d792886c42bbab4b214c1fe536e0:
selinux: fix inode security list corruption (2014-10-06 16:32:52 -0400)
----------------------------------------------------------------
Stephen Smalley (1):
selinux: fix inode security list corruption
security/selinux/hooks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
paul moore
security and virtualization @ redhat
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
paul moore
security and virtualization @ redhat
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html