selinux: reject invalid ebitmaps
author Christian Göttsche <cgzones@googlemail.com>
Fri, 15 Mar 2024 17:28:44 +0000 (18:28 +0100)
committer Paul Moore <paul@paul-moore.com>
Tue, 26 Mar 2024 20:36:14 +0000 (16:36 -0400)
commit 0142c56682fbf969cc08b1e3f9223384ede29a5f
tree 4467ecc386bba1f84106802aea4a203e24c72b4e
parent 4cece764965020c22cff7665b18a012006359095
selinux: reject invalid ebitmaps

Reject ebitmaps with a node containing an empty map or with an incorrect
highbit.  Both checks are already performed by userspace, the former
since 2008 (patch 13cd4c896068 ("initial import from svn trunk revision
2950")), the latter since v2.7 in 2017 (patch 75b14a5de10a ("libsepol:
ebitmap: reject loading bitmaps with incorrect high bit")).

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/ss/ebitmap.c
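
The two rejections named in the commit message, sketched as a stand-alone validator. This is an added example, not the code of this patch or of libsepol. It assumes a simplified layout with one 64-bit map per node (`struct eb_node`, `eb_validate` and the status names are hypothetical), and it assumes that a correct highbit is the last node's start bit plus the map size.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAP_BITS 64u /* assumption: each serialized node carries one 64-bit map */

/* Hypothetical simplified node; not the kernel's struct ebitmap_node. */
struct eb_node {
    uint32_t startbit; /* index of the first bit covered by this node */
    uint64_t map;      /* bits startbit .. startbit + 63 */
};

enum eb_status { EB_OK, EB_EMPTY_MAP, EB_BAD_ORDER, EB_BAD_HIGHBIT };

/* Validate already-decoded nodes against the declared highbit. */
enum eb_status eb_validate(uint32_t highbit, const struct eb_node *nodes, size_t count)
{
    uint64_t prev_end = 0; /* 64-bit so startbit + MAP_BITS cannot wrap */

    for (size_t i = 0; i < count; i++) {
        /* Nodes must be aligned and must not overlap or go backwards. */
        if (nodes[i].startbit % MAP_BITS || nodes[i].startbit < prev_end)
            return EB_BAD_ORDER;
        /* A sparse bitmap has no reason to store an all-zero node. */
        if (nodes[i].map == 0)
            return EB_EMPTY_MAP;
        prev_end = (uint64_t)nodes[i].startbit + MAP_BITS;
    }
    /* highbit must sit exactly one map past the last node (0 when empty). */
    return prev_end == highbit ? EB_OK : EB_BAD_HIGHBIT;
}

int main(void)
{
    /* Constructed sample data, not taken from a real policy. */
    const struct eb_node good[]  = { { 0, 0x5 }, { 128, 0x1 } };
    const struct eb_node empty[] = { { 0, 0x5 }, { 128, 0x0 } };

    printf("good, highbit 192: %d\n", eb_validate(192, good, 2));
    printf("good, highbit 256: %d\n", eb_validate(256, good, 2));
    printf("empty node:        %d\n", eb_validate(192, empty, 2));
    return 0;
}
```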