Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=linux-2.6.28.y 2009-05-02T17:57:21+00:00 2009-05-02T17:57:21+00:00 Eugene Teo eteo@redhat.com 2009-04-13T02:04:41+00:00 urn:sha1:e0021955d0511e0f3ed867d5dcc7e6c3aefe7371 Not upstream in 2.6.30, as the function was removed there, making this a non-issue. Node and port send checks can skip in the compat_net=1 case. This bug was introduced in commit effad8d. Signed-off-by: Eugene Teo <eugeneteo@kernel.sg> Reported-by: Dan Carpenter <error27@gmail.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-05-02T17:56:39+00:00 Etienne Basset etienne.basset@numericable.fr 2009-03-31T21:54:11+00:00 urn:sha1:42354485a028e31fad51ba86eb6958ce42045343 upstream commit: 4303154e86597885bc3cbc178a48ccbc8213875f this patch fix an oops in smack when setting a size 0 SMACK64 xattr eg attr -S -s SMACK64 -V '' somefile This oops because smk_import_entry treats a 0 length as SMK_MAXLEN Signed-off-by: Etienne Basset <etienne.basset@numericable.fr> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-03-17T00:32:21+00:00 Paul Moore paul.moore@hp.com 2009-02-20T21:33:02+00:00 urn:sha1:da0a49794fba623e278f27fb1ff339f19b512fc8 commit 09c50b4a52c01a1f450b8eec819089e228655bfb upstream. At some point we (okay, I) managed to break the ability for users to use the setsockopt() syscall to set IPv4 options when NetLabel was not active on the socket in question. The problem was noticed by someone trying to use the "-R" (record route) option of ping: # ping -R 10.0.0.1 ping: record route: No message of desired type The solution is relatively simple, we catch the unlabeled socket case and clear the error code, allowing the operation to succeed. Please note that we still deny users the ability to override IPv4 options on socket's which have NetLabel labeling active; this is done to ensure the labeling remains intact. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org> Cc: Chuck Ebbert <cebbert@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-03-17T00:32:21+00:00 Paul Moore paul.moore@hp.com 2009-02-27T20:00:03+00:00 urn:sha1:beb6ec3b2a0d720bf0baa64cbafb20b2af0b1fa7 commit d7f59dc4642ce2fc7b79fcd4ec02ffce7f21eb02 upstream. Rick McNeal from LSI identified a panic in selinux_netlbl_inode_permission() caused by a certain sequence of SUNRPC operations. The problem appears to be due to the lack of NULL pointer checking in the function; this patch adds the pointer checks so the function will exit safely in the cases where the socket is not completely initialized. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org> Cc: Chuck Ebbert <cebbert@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-01-25T00:41:33+00:00 Vegard Nossum vegard.nossum@gmail.com 2009-01-17T16:45:45+00:00 urn:sha1:c534bf90e2075626bbf862353c112a9de2d3dd42 commit 0d54ee1c7850a954026deec4cd4885f331da35cc upstream. Plug this leak. Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-01-18T18:44:00+00:00 Heiko Carstens heiko.carstens@de.ibm.com 2009-01-14T13:14:30+00:00 urn:sha1:47e059f33e324bef53aab02196595c0dd8b384fb commit 938bb9f5e840eddbf54e4f62f6c5ba9b3ae12c9d upstream. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-01-18T18:44:00+00:00 Heiko Carstens heiko.carstens@de.ibm.com 2009-01-14T13:14:29+00:00 urn:sha1:508d497ce4de9b7399d8662e4ef090f2567bbf19 commit 1e7bfb2134dfec37ce04fb3a4ca89299e892d10c upstream. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2009-01-18T18:43:47+00:00 Serge E. Hallyn serue@us.ibm.com 2009-01-08T02:07:46+00:00 urn:sha1:fc83e93dc48f21cf8cce17586f7cc5e2b9c88d58 commit 0b82ac37b889ec881b645860da3775118effb3ca upstream. The devcgroup_inode_permission() hook in the devices whitelist cgroup has always bypassed access checks on fifos. But the mknod hook did not. The devices whitelist is only about block and char devices, and fifos can't even be added to the whitelist, so fifos can't be created at all except by tasks which have 'a' in their whitelist (meaning they have access to all devices). Fix the behavior by bypassing access checks to mkfifo. Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Cc: Li Zefan <lizf@cn.fujitsu.com> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: Paul Menage <menage@google.com> Cc: Lai Jiangshan <laijs@cn.fujitsu.com> Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Cc: James Morris <jmorris@namei.org> Reported-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2008-11-10T21:20:57+00:00 David Howells dhowells@redhat.com 2008-11-10T19:00:05+00:00 urn:sha1:1f8f5cf6e4f038552a3e47b66085452c08556d71 Make request_key() instantiate the per-user keyrings so that it doesn't oops if it needs to get hold of the user session keyring because there isn't a session keyring in place. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Steve French <smfrench@gmail.com> Tested-by: Rutger Nijlunsing <rutger.nijlunsing@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-11-01T16:50:38+00:00 Linus Torvalds torvalds@linux-foundation.org 2008-11-01T16:50:38+00:00 urn:sha1:0a6d2fac615972142715d736289abeeb7382e81d * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: SELinux: properly handle empty tty_files list