Discussion:
[GIT PULL] SELinux patches for 3.18 #2
Paul Moore
2014-10-13 15:57:24 UTC
Permalink
Hi James,

One more small SELinux fix that should go into 3.18, if not during the merge
window then during the -rc period. Stephen wrote a nice patch description
which describes the problem, but it basically boils down to a race condition
that could result in a corrupted SELinux inode security blob/list. It is a
pretty difficult thing to reproduce, but the fix is obviously correct and
rather straightforward.

While I wouldn't expect any problems, for the sake of completeness I ran the
patch through the SELinux testsuite and it passed with flying colors.

Thanks,
-Paul

P.S. Somewhat related, as should be obvious from the weekend's exchange with
Linus, I'm not going to be updating/merging the SELinux next branch beyond
v3.16 unless I start to see problems accepting new patches (either through
interface or logic changes).

---
The following changes since commit e7387395a07d788f80d011baa8ec6beba2bc747c:

selinux: normalize audit log formatting (2014-10-06 11:57:25 -0400)

are available in the git repository at:

git://git.infradead.org/users/pcmoore/selinux stable-3.18

for you to fetch changes up to 7c66bdc72bc3d792886c42bbab4b214c1fe536e0:

selinux: fix inode security list corruption (2014-10-06 16:32:52 -0400)

----------------------------------------------------------------
Stephen Smalley (1):
selinux: fix inode security list corruption

security/selinux/hooks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
paul moore
security and virtualization @ redhat

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Loading...