linux/net/netlabel
Paul Moore 6b21e1b77d netlabel: improve domain mapping validation
The net/netlabel/netlabel_domainhash.c:netlbl_domhsh_add() function
does not properly validate new domain hash entries resulting in
potential problems when an administrator attempts to add an invalid
entry.  One such problem, as reported by Vlad Halilov, is a kernel
BUG (found in netlabel_domainhash.c:netlbl_domhsh_audit_add()) when
adding an IPv6 outbound mapping with a CIPSO configuration.

This patch corrects this problem by adding the necessary validation
code to netlbl_domhsh_add() via the newly created
netlbl_domhsh_validate() function.

Ideally this patch should also be pushed to the currently active
-stable trees.

Reported-by: Vlad Halilov <vlad.halilov@gmail.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-05-19 14:49:55 -07:00
..
Kconfig [NETLABEL]: Fix build failure. 2006-11-05 16:44:06 -08:00
Makefile doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlabel_addrlist.c net: use IS_ENABLED(CONFIG_IPV6) 2011-12-11 18:25:16 -05:00
netlabel_addrlist.h net: use IS_ENABLED(CONFIG_IPV6) 2011-12-11 18:25:16 -05:00
netlabel_cipso_v4.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
netlabel_cipso_v4.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlabel_domainhash.c netlabel: improve domain mapping validation 2013-05-19 14:49:55 -07:00
netlabel_domainhash.h net: use IS_ENABLED(CONFIG_IPV6) 2011-12-11 18:25:16 -05:00
netlabel_kapi.c netlabel: use GFP flags from caller instead of GFP_ATOMIC 2012-03-22 19:29:57 -04:00
netlabel_mgmt.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
netlabel_mgmt.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlabel_unlabeled.c netlabel: fix build problems when CONFIG_IPV6=n 2013-03-08 11:33:51 -05:00
netlabel_unlabeled.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
netlabel_user.c userns: Convert the audit loginuid to be a kuid 2012-09-17 18:08:54 -07:00
netlabel_user.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00