[PATCH] selinux,xfrm: fix dangling refcount on deferred skb free
Paul Moore
paul at paul-moore.com
Thu Nov 7 23:04:02 UTC 2024
On Wed, Nov 6, 2024 at 11:54 AM Ondrej Mosnacek <omosnace at redhat.com> wrote:
>
> ... That made me look deeper into history
> which commit actually added the decrement on free and it turns out it
> was done intentionally as a bugfix - see commit e4e8536f65b5
> ("selinux: fix the labeled xfrm/IPsec reference count handling").
> Before that commit the logic was similar to what my patch is doing, so
> I could be re-introducing another bug here :-/ The commit message is
> not very helpful there - Paul, do you happen to remember what the
> issue was that prompted it?
With that commit being over 10 years old, I can't say I recall much
about it. I did try to sift through the SELinux archives, but I
didn't see much from 2013. It's possible there is an old RH bugzilla
issue for this, but my RHBZ-fu isn't good enough to search that out -
sorry.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list