diff options
| author | Linus Torvalds <[email protected]> | 2018-05-30 21:35:07 +0000 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2018-05-30 21:35:07 +0000 |
| commit | 943cf9f3ca16133dbd00f9a4cbfea46512fcb0e8 (patch) | |
| tree | 0f41a7d08f725701203530978b6180d6cb340ea7 /lib/bitmap.c | |
| parent | Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert... (diff) | |
| parent | selinux: KASAN: slab-out-of-bounds in xattr_getsecurity (diff) | |
| download | kernel-943cf9f3ca16133dbd00f9a4cbfea46512fcb0e8.tar.gz kernel-943cf9f3ca16133dbd00f9a4cbfea46512fcb0e8.zip | |
Merge tag 'selinux-pr-20180530' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull SELinux fix from Paul Moore:
"One more small fix for SELinux: a small string length fix found by
KASAN.
I dislike sending patches this late in the release cycle, but this
patch fixes a legitimate problem, is very small, limited in scope, and
well understood.
There are two threads with more information on the problem, the latest
is linked below:
https://marc.info/?t=152723737400001&r=1&w=2
Stephen points out in the thread linked above:
'Such a setxattr() call can only be performed by a process with
CAP_MAC_ADMIN that is also allowed mac_admin permission in SELinux
policy. Consequently, this is never possible on Android (no process
is allowed mac_admin permission, always enforcing) and is only
possible in Fedora/RHEL for a few domains (if enforcing)'"
* tag 'selinux-pr-20180530' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
Diffstat (limited to 'lib/bitmap.c')
0 files changed, 0 insertions, 0 deletions