diff options
author | 2023-09-15 14:04:22 -0400 | |
---|---|---|
committer | 2023-09-15 14:04:22 -0400 | |
commit | 5df5f5fb4856b26077f84645a8c9ed2b8bae0edf (patch) | |
tree | d410a0f50fc37891da325fa04bbfcff180ab0628 | |
parent | Remove redundant patch (diff) | |
download | linux-patches-5df5f5fb4856b26077f84645a8c9ed2b8bae0edf.tar.gz linux-patches-5df5f5fb4856b26077f84645a8c9ed2b8bae0edf.tar.bz2 linux-patches-5df5f5fb4856b26077f84645a8c9ed2b8bae0edf.zip |
selinux: fix handling of empty opts in selinux_fs_context_submount()6.56.1-60
Bug: https://bugs.gentoo.org/914204
Signed-off-by: Mike Pagano <mpagano@gentoo.org>
-rw-r--r-- | 0000_README | 4 | ||||
-rw-r--r-- | 1515_selinux-fix-handling-of-empty-opts.patch | 51 |
2 files changed, 55 insertions, 0 deletions
diff --git a/0000_README b/0000_README index 053298cf..e0a65c77 100644 --- a/0000_README +++ b/0000_README @@ -263,6 +263,10 @@ Patch: 1510_fs-enable-link-security-restrictions-by-default.patch From: http://sources.debian.net/src/linux/3.16.7-ckt4-3/debian/patches/debian/fs-enable-link-security-restrictions-by-default.patch/ Desc: Enable link security restrictions by default. +Patch: 1515_selinux-fix-handling-of-empty-opts.patch +From: https://www.spinics.net/lists/linux-fsdevel/msg249428.html +Desc: selinux: fix handling of empty opts in selinux_fs_context_submount() + Patch: 1700_sparc-address-warray-bound-warnings.patch From: https://github.com/KSPP/linux/issues/109 Desc: Address -Warray-bounds warnings diff --git a/1515_selinux-fix-handling-of-empty-opts.patch b/1515_selinux-fix-handling-of-empty-opts.patch new file mode 100644 index 00000000..10336ec5 --- /dev/null +++ b/1515_selinux-fix-handling-of-empty-opts.patch @@ -0,0 +1,51 @@ +selinux: fix handling of empty opts in selinux_fs_context_submount() + +selinux_set_mnt_opts() relies on the fact that the mount options pointer +is always NULL when all options are unset (specifically in its +!selinux_initialized() branch. However, the new +selinux_fs_context_submount() hook breaks this rule by allocating a new +structure even if no options are set. That causes any submount created +before a SELinux policy is loaded to be rejected in +selinux_set_mnt_opts(). + +Fix this by making selinux_fs_context_submount() leave fc->security +set to NULL when there are no options to be copied from the reference +superblock. + +Reported-by: Adam Williamson <awilliam@xxxxxxxxxx> +Link: https://bugzilla.redhat.com/show_bug.cgi?id=2236345 +Fixes: d80a8f1b58c2 ("vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing") +Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> +--- + security/selinux/hooks.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c +index 10350534de6d6..2aa0e219d7217 100644 +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -2775,14 +2775,20 @@ static int selinux_umount(struct vfsmount *mnt, int flags) + static int selinux_fs_context_submount(struct fs_context *fc, + struct super_block *reference) + { +- const struct superblock_security_struct *sbsec; ++ const struct superblock_security_struct *sbsec = selinux_superblock(reference); + struct selinux_mnt_opts *opts; + ++ /* ++ * Ensure that fc->security remains NULL when no options are set ++ * as expected by selinux_set_mnt_opts(). ++ */ ++ if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) ++ return 0; ++ + opts = kzalloc(sizeof(*opts), GFP_KERNEL); + if (!opts) + return -ENOMEM; + +- sbsec = selinux_superblock(reference); + if (sbsec->flags & FSCONTEXT_MNT) + opts->fscontext_sid = sbsec->sid; + if (sbsec->flags & CONTEXT_MNT) +-- +2.41.0 |