lwn.git/security/selinux/ss/policydb.c, branch v4.17-rc7 Linux kernel documentation tree maintained by Jonathan Corbet http://mirrors.hust.edu.cn/git/lwn.git/atom?h=v4.17-rc7 2017-08-17T19:32:55+00:00 selinux: update my email address 2017-08-17T19:32:55+00:00 Stephen Smalley sds@tycho.nsa.gov 2017-08-17T17:32:36+00:00 urn:sha1:7efbb60b455115f6027e76c45ec548436115f72c Update my email address since epoch.ncsc.mil no longer exists. MAINTAINERS and CREDITS are already correct. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Create policydb version for Infiniband support 2017-05-23T16:27:32+00:00 Daniel Jurgens danielj@mellanox.com 2017-05-19T12:48:55+00:00 urn:sha1:a806f7a1616f29b80749d708115a643c1f4ba056 Support for Infiniband requires the addition of two new object contexts, one for infiniband PKeys and another IB Ports. Added handlers to read and write the new ocontext types when reading or writing a binary policy representation. Signed-off-by: Daniel Jurgens <danielj@mellanox.com> Reviewed-by: Eli Cohen <eli@mellanox.com> Reviewed-by: James Morris <james.l.morris@oracle.com> Acked-by: Doug Ledford <dledford@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed memory allocation in policydb_index() 2017-05-23T14:23:12+00:00 Markus Elfring elfring@users.sourceforge.net 2017-04-04T08:20:46+00:00 urn:sha1:62934ffb9e5f9a904c83f571590631b766d68d12 Replace five goto statements (and previous variable assignments) by direct returns after a memory allocation failure in this function. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Fix an uninitialized variable bug 2017-03-31T19:16:18+00:00 Dan Carpenter dan.carpenter@oracle.com 2017-03-31T15:21:18+00:00 urn:sha1:cae303df3f379f04ce7efadb2e30de460918b302 We removed this initialization as a cleanup but it is probably required. The concern is that "nel" can be zero. I'm not an expert on SELinux code but I think it looks possible to write an SELinux policy which triggers this bug. GCC doesn't catch this, but my static checker does. Fixes: 9c312e79d6af ("selinux: Delete an unnecessary variable initialisation in range_read()") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in roles_init() 2017-03-29T15:39:17+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-15T11:10:09+00:00 urn:sha1:ebd2b47ba52760e9653456ba19032f79d734a343 Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in perm_read() 2017-03-29T15:30:51+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-15T10:20:13+00:00 urn:sha1:7befb7514e5d53026e9fe4a6548f118a65a20a4f Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in common_read() 2017-03-29T15:29:11+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-15T10:15:19+00:00 urn:sha1:442ca4d656645505346017c37ac137cde680bf38 Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in class_read() 2017-03-29T15:24:58+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-14T21:30:51+00:00 urn:sha1:df4a14dfb484f95d81126e481e66b6e22eec49e8 Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in role_read() 2017-03-29T15:22:12+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-14T21:20:25+00:00 urn:sha1:ea6e2f7d12921f336def7398805ee3b1619e2f4b Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com> selinux: Return directly after a failed kzalloc() in type_read() 2017-03-29T15:20:07+00:00 Markus Elfring elfring@users.sourceforge.net 2017-01-14T21:15:54+00:00 urn:sha1:549fe69ee5c7a7f55c34555032961a2265e6e713 Return directly after a call of the function "kzalloc" failed at the beginning. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Paul Moore <paul@paul-moore.com>