[PATCH lsm/dev] netfilter: Use correct length value in ctnetlink_secctx_size

Paul Moore paul at paul-moore.com
Fri Nov 1 22:37:12 UTC 2024


On Fri, Nov 1, 2024 at 6:35 PM Paul Moore <paul at paul-moore.com> wrote:
> On Fri, Nov 1, 2024 at 4:07 PM Paul Moore <paul at paul-moore.com> wrote:
> > On Fri, Nov 1, 2024 at 2:43 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
> > >
> > > Use the correct value for the context length returned by
> > > security_secid_to_secctx().
> > >
> > > Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
> > > ---
> > >  net/netfilter/nf_conntrack_netlink.c | 4 ++--
> > >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > Thanks Casey, I'm going to merge this into lsm/dev-staging for
> > testing, but additional comments, reviews, etc. are always welcome.
>
> Unfortunately it looks like there is still an issue.  Running the NFS
> tests from the selinux-testsuite I hit the panic splat below ...

To be clear, this is from code in the lsm/dev-staging branch, not
lsm/dev or lsm/next so while we need to get this fixed, it isn't a "uh
oh, we broke linux-next" type of situation.

-- 
paul-moore.com


