linux-arm.git - Russell King's ARM Linux kernel tree

diff options

author	KP Singh <kpsingh@google.com>	2020-05-20 14:56:16 +0200
committer	Alexei Starovoitov <ast@kernel.org>	2020-05-20 20:12:07 -0700
commit	0550cfe8c2c6f8e7a4c348b6603a794576db12dd (patch)
tree	5d01836dd15038bed2fdd235c31d7e528e1fd9b3 /Makefile
parent	20a785aa52c82246055a089e55df9dac47d67da1 (diff)

security: Fix hook iteration for secid_to_secctx

secid_to_secctx is not stackable, and since the BPF LSM registers this hook by default, the call_int_hook logic is not suitable which "bails-on-fail" and casues issues when other LSMs register this hook and eventually breaks Audit. In order to fix this, directly iterate over the security hooks instead of using call_int_hook as suggested in: https: //lore.kernel.org/bpf/9d0eb6c6-803a-ff3a-5603-9ad6d9edfc00@schaufler-ca.com/#t Fixes: 98e828a0650f ("security: Refactor declaration of LSM hooks") Fixes: 625236ba3832 ("security: Fix the default value of secid_to_secctx hook") Reported-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: KP Singh <kpsingh@google.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Acked-by: James Morris <jamorris@linux.microsoft.com> Link: https://lore.kernel.org/bpf/20200520125616.193765-1-kpsingh@chromium.org

Diffstat (limited to 'Makefile')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: