| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LNX.2.01.1009242300400.3599@obet.zrqbmnf.qr>
Date: Fri, 24 Sep 2010 23:01:17 +0200 (CEST)
From: Jan Engelhardt <jengelh@...ozas.de>
To: Eric Paris <eparis@...hat.com>
cc: linux-kernel@...r.kernel.org, selinux@...ho.nsa.gov,
netfilter-devel@...r.kernel.org, jmorris@...ei.org,
sds@...ho.nsa.gov, paul.moore@...com, casey@...aufler-ca.com,
linux-security-module@...r.kernel.org, netfilter@...r.kernel.org,
mr.dash.four@...glemail.com
Subject: Re: [PATCH 1/6] secmark: do not return early if there was no error
On Friday 2010-09-24 22:45, Eric Paris wrote:
>Commit 4a5a5c73 attempted to pass decent error messages back to userspace for
>netfilter errors. In xt_SECMARK.c however the patch screwed up and returned
>on 0 (aka no error) early and didn't finish setting up secmark. This results
>in a kernel BUG if you use SECMARK.
>+++ b/net/netfilter/xt_SECMARK.c
>@@ -101,7 +101,7 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
> switch (info->mode) {
> case SECMARK_MODE_SEL:
> err = checkentry_selinux(info);
>- if (err <= 0)
>+ if (err)
> return err;
Indeed the = is unwanted and err < 0 was intended here.
Sorry for the slip.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists