lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20130726134823.e4c0a1b7bad087c12b3ce782@canb.auug.org.au>
Date:	Fri, 26 Jul 2013 13:48:23 +1000
From:	Stephen Rothwell <sfr@...b.auug.org.au>
To:	Eric Paris <eparis@...hat.com>
Cc:	linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
	David Quigley <dpquigl@...equigley.com>,
	"Matthew N. Dodd" <Matthew.Dodd@...rta.com>,
	Miguel Rodel Felipe <Rodel_FM@....a-star.edu.sg>,
	Phua Eu Gene <PHUA_Eu_Gene@....a-star.edu.sg>,
	Khin Mi Mi Aung <Mi_Mi_AUNG@....a-star.edu.sg>,
	Trond Myklebust <Trond.Myklebust@...app.com>
Subject: linux-next: manual merge of the selinux tree with Linus' tree

Hi Eric,

Today's linux-next merge of the selinux tree got a conflict in
security/selinux/hooks.c between commit eb9ae686507b ("SELinux: Add new
labeling type native labels") from Linus' tree and commits 40d3d0b85fa2
("SELinux: remove crazy contortions around proc") and a64c54cf0811
("SELinux: pass a superblock to security_fs_use") from the selinux tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

P.S. Unusually, that commit from Linus' tree has no Signed-off-by from
its purported author (David Quigley).
-- 
Cheers,
Stephen Rothwell                    sfr@...b.auug.org.au
diff --cc security/selinux/hooks.c
index a5091ec,4fbf2c5..0000000
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@@ -680,21 -702,14 +712,19 @@@ static int selinux_set_mnt_opts(struct 
  	if (strcmp(sb->s_type->name, "proc") == 0)
  		sbsec->flags |= SE_SBPROC;
  
 -	/* Determine the labeling behavior to use for this filesystem type. */
 -	rc = security_fs_use(sb);
 -	if (rc) {
 -		printk(KERN_WARNING "%s: security_fs_use(%s) returned %d\n",
 -		       __func__, sb->s_type->name, rc);
 -		goto out;
 +	if (!sbsec->behavior) {
 +		/*
 +		 * Determine the labeling behavior to use for this
 +		 * filesystem type.
 +		 */
- 		rc = security_fs_use((sbsec->flags & SE_SBPROC) ?
- 					"proc" : sb->s_type->name,
- 					&sbsec->behavior, &sbsec->sid);
++		rc = security_fs_use(sb);
 +		if (rc) {
 +			printk(KERN_WARNING
 +				"%s: security_fs_use(%s) returned %d\n",
 +					__func__, sb->s_type->name, rc);
 +			goto out;
 +		}
  	}
 -
  	/* sets the context of the superblock for the fs being mounted. */
  	if (fscontext_sid) {
  		rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);
@@@ -2629,11 -2589,15 +2659,11 @@@ static int selinux_inode_init_security(
  		isec->initialized = 1;
  	}
  
- 	if (!ss_initialized || !(sbsec->flags & SE_SBLABELSUPP))
+ 	if (!ss_initialized || !(sbsec->flags & SBLABEL_MNT))
  		return -EOPNOTSUPP;
  
 -	if (name) {
 -		namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS);
 -		if (!namep)
 -			return -ENOMEM;
 -		*name = namep;
 -	}
 +	if (name)
 +		*name = XATTR_SELINUX_SUFFIX;
  
  	if (value && len) {
  		rc = security_sid_to_context_force(newsid, &context, &clen);

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ