Looks like issue in handling active_nodes count in 4.19 kernel
paul at paul-moore.com
Sat Dec 21 16:02:37 UTC 2019
On Fri, Dec 20, 2019 at 7:03 AM Ravi Kumar Siddojigari
<rsiddoji at codeaurora.org> wrote:
> Thanks for correcting , Adding the signoff of orginal author in the
> following commit .
> From 6308b405e2097ab9d82c5a3894815daf7331e0b6 Mon Sep 17 00:00:00 2001
> From: Jaihind Yadav <jaihindyadav at codeaurora.org>
> Date: Tue, 17 Dec 2019 17:25:47 +0530
> Subject: [PATCH] selinux: ensure we cleanup the internal AVC counters on error
> in avc_update()
> To: rsiddoji at codeaurora.org
> In AVC update we don't call avc_node_kill() when avc_xperms_populate()
> fails, resulting in the avc->avc_cache.active_nodes counter having a
> false value.In last patch this changes was missed , so correcting it.
> Signed-off-by: Jaihind Yadav <jaihindyadav at codeaurora.org>
> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji at codeaurora.org>
> security/selinux/avc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Merged into selinux/next, thanks!
More information about the Linux-security-module-archive