Commit ff95eddd authored by Andrew Morton's avatar Andrew Morton Committed by Linus Torvalds

[PATCH] SELinux check behavior value

From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch fixes a bug in the SELinux module by adding a check of the
filesystem labeling behavior value obtained from the policy.
parent 1c814119
...@@ -313,9 +313,15 @@ static int superblock_doinit(struct super_block *sb) ...@@ -313,9 +313,15 @@ static int superblock_doinit(struct super_block *sb)
sbsec->initialized = 1; sbsec->initialized = 1;
if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) {
printk(KERN_INFO "SELinux: initialized (dev %s, type %s), unknown behavior\n",
sb->s_id, sb->s_type->name);
}
else {
printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n", printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
sb->s_id, sb->s_type->name, sb->s_id, sb->s_type->name,
labeling_behaviors[sbsec->behavior-1]); labeling_behaviors[sbsec->behavior-1]);
}
/* Initialize the root inode. */ /* Initialize the root inode. */
rc = inode_doinit_with_dentry(sb->s_root->d_inode, sb->s_root); rc = inode_doinit_with_dentry(sb->s_root->d_inode, sb->s_root);
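Review bot: The new guard `sbsec->behavior > ARRAY_SIZE(labeling_behaviors)` rejects only values above the table, so a behavior of 0 still reaches `labeling_behaviors[sbsec->behavior-1]` in the else branch. That reads before the start of the array, or far past its end if the field is unsigned (its type is not visible here). Because the value comes from the loaded policy, the check should cover both ends, for example `if (!sbsec->behavior || sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) {`. The same lower-bound gap exists in the check added to policydb_read, which also tests only the upper bound. superblock_doinit starts and ends outside this hunk.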
......
...@@ -1301,6 +1301,8 @@ int policydb_read(struct policydb *p, void *fp) ...@@ -1301,6 +1301,8 @@ int policydb_read(struct policydb *p, void *fp)
if (!buf) if (!buf)
goto bad; goto bad;
c->v.behavior = le32_to_cpu(buf[0]); c->v.behavior = le32_to_cpu(buf[0]);
if (c->v.behavior > SECURITY_FS_USE_NONE)
goto bad;
len = le32_to_cpu(buf[1]); len = le32_to_cpu(buf[1]);
buf = next_entry(fp, len); buf = next_entry(fp, len);
if (!buf) if (!buf)
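Review bot: The added test `c->v.behavior > SECURITY_FS_USE_NONE` relies on SECURITY_FS_USE_NONE being the numerically largest labeling behavior, and nothing at this site says so. A behavior constant added after it later would be rejected here without any visible reason, so a comment such as `/* SECURITY_FS_USE_NONE must remain the highest valid behavior value */` would document the assumption. The rejection is also silent, and the value of the return code when `goto bad` is taken is not visible in the hunk; it is worth confirming that this path returns an error rather than a stale success value. policydb_read starts and ends outside this hunk.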
......