review.tizen.org Git - platform/kernel/linux-stable.git/commit

author	Paul Moore <pmoore@redhat.com>
	Fri, 1 Aug 2014 15:17:03 +0000 (11:17 -0400)
committer	Rafal Krypa <r.krypa@samsung.com>
	Thu, 30 Jun 2016 12:57:37 +0000 (14:57 +0200)
commit	60e3f319ec2e6206ddfc7e4d5c50758ea5acc96b
tree	8b04a80e48d8cf318138ceddf44838009023a77e	tree \| snapshot
parent	eddbfd528e525b9afa416679f90cfb341517969b	commit \| diff

BACKPORT: netlabel: fix a problem when setting bits below the previously lowest bit

The NetLabel category (catmap) functions have a problem in that they
assume categories will be set in an increasing manner, e.g. the next
category set will always be larger than the last. Unfortunately, this
is not a valid assumption and could result in problems when attempting
to set categories less than the startbit in the lowest catmap node.
In some cases kernel panics and other nasties can result.

This patch corrects the problem by checking for this and allocating a
new catmap node instance and placing it at the front of the list.

Cc: stable@vger.kernel.org
Reported-by: Christian Evans <frodox@zoho.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Tested-by: Casey Schaufler <casey@schaufler-ca.com>
(cherry-picked from upstream 41c3bd2039e0d7b3dc32313141773f20716ec524)

include/net/netlabel.h		diff \| blob \| history
net/ipv4/cipso_ipv4.c		diff \| blob \| history
net/netlabel/netlabel_kapi.c		diff \| blob \| history
security/smack/smack_access.c		diff \| blob \| history