aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/commoncap.c1
-rw-r--r--security/keys/request_key.c9
-rw-r--r--security/smack/smack_lsm.c11
-rw-r--r--security/tomoyo/common.c6
-rw-r--r--security/tomoyo/common.h2
-rw-r--r--security/tomoyo/domain.c2
-rw-r--r--security/tomoyo/file.c2
-rw-r--r--security/tomoyo/realpath.c2
-rw-r--r--security/tomoyo/realpath.h2
-rw-r--r--security/tomoyo/tomoyo.c2
-rw-r--r--security/tomoyo/tomoyo.h2
11 files changed, 22 insertions, 19 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 7cd61a5f5205..beac0258c2a8 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -916,7 +916,6 @@ changed:
916 return commit_creds(new); 916 return commit_creds(new);
917 917
918no_change: 918no_change:
919 error = 0;
920error: 919error:
921 abort_creds(new); 920 abort_creds(new);
922 return error; 921 return error;
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index 22a31582bfaa..03fe63ed55bd 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -311,7 +311,8 @@ static int construct_alloc_key(struct key_type *type,
311 311
312 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags); 312 set_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags);
313 313
314 down_write(&dest_keyring->sem); 314 if (dest_keyring)
315 down_write(&dest_keyring->sem);
315 316
316 /* attach the key to the destination keyring under lock, but we do need 317 /* attach the key to the destination keyring under lock, but we do need
317 * to do another check just in case someone beat us to it whilst we 318 * to do another check just in case someone beat us to it whilst we
@@ -322,10 +323,12 @@ static int construct_alloc_key(struct key_type *type,
322 if (!IS_ERR(key_ref)) 323 if (!IS_ERR(key_ref))
323 goto key_already_present; 324 goto key_already_present;
324 325
325 __key_link(dest_keyring, key); 326 if (dest_keyring)
327 __key_link(dest_keyring, key);
326 328
327 mutex_unlock(&key_construction_mutex); 329 mutex_unlock(&key_construction_mutex);
328 up_write(&dest_keyring->sem); 330 if (dest_keyring)
331 up_write(&dest_keyring->sem);
329 mutex_unlock(&user->cons_lock); 332 mutex_unlock(&user->cons_lock);
330 *_key = key; 333 *_key = key;
331 kleave(" = 0 [%d]", key_serial(key)); 334 kleave(" = 0 [%d]", key_serial(key));
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 921514902eca..98b3195347ab 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -609,8 +609,12 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name,
609 strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) { 609 strcmp(name, XATTR_NAME_SMACKIPOUT) == 0) {
610 if (!capable(CAP_MAC_ADMIN)) 610 if (!capable(CAP_MAC_ADMIN))
611 rc = -EPERM; 611 rc = -EPERM;
612 /* a label cannot be void and cannot begin with '-' */ 612 /*
613 if (size == 0 || (size > 0 && ((char *)value)[0] == '-')) 613 * check label validity here so import wont fail on
614 * post_setxattr
615 */
616 if (size == 0 || size >= SMK_LABELLEN ||
617 smk_import(value, size) == NULL)
614 rc = -EINVAL; 618 rc = -EINVAL;
615 } else 619 } else
616 rc = cap_inode_setxattr(dentry, name, value, size, flags); 620 rc = cap_inode_setxattr(dentry, name, value, size, flags);
@@ -644,9 +648,6 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
644 if (strcmp(name, XATTR_NAME_SMACK)) 648 if (strcmp(name, XATTR_NAME_SMACK))
645 return; 649 return;
646 650
647 if (size >= SMK_LABELLEN)
648 return;
649
650 isp = dentry->d_inode->i_security; 651 isp = dentry->d_inode->i_security;
651 652
652 /* 653 /*
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index a0affd9cfca8..d4d41b3efc7c 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
@@ -1773,7 +1773,7 @@ void tomoyo_load_policy(const char *filename)
1773 envp[2] = NULL; 1773 envp[2] = NULL;
1774 call_usermodehelper(argv[0], argv, envp, 1); 1774 call_usermodehelper(argv[0], argv, envp, 1);
1775 1775
1776 printk(KERN_INFO "TOMOYO: 2.2.0-pre 2009/02/01\n"); 1776 printk(KERN_INFO "TOMOYO: 2.2.0 2009/04/01\n");
1777 printk(KERN_INFO "Mandatory Access Control activated.\n"); 1777 printk(KERN_INFO "Mandatory Access Control activated.\n");
1778 tomoyo_policy_loaded = true; 1778 tomoyo_policy_loaded = true;
1779 { /* Check all profiles currently assigned to domains are defined. */ 1779 { /* Check all profiles currently assigned to domains are defined. */
@@ -1800,7 +1800,7 @@ void tomoyo_load_policy(const char *filename)
1800static int tomoyo_read_version(struct tomoyo_io_buffer *head) 1800static int tomoyo_read_version(struct tomoyo_io_buffer *head)
1801{ 1801{
1802 if (!head->read_eof) { 1802 if (!head->read_eof) {
1803 tomoyo_io_printf(head, "2.2.0-pre"); 1803 tomoyo_io_printf(head, "2.2.0");
1804 head->read_eof = true; 1804 head->read_eof = true;
1805 } 1805 }
1806 return 0; 1806 return 0;
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index e77e6a6de0f2..678f4ff16aa4 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 2f2b449ffd2d..2d6748741a26 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 65f50c1c5ee9..2316da8ec5bc 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 3bbe01a7a4b5..bf8e2b451687 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/realpath.h b/security/tomoyo/realpath.h
index 7ec9fc9cbc07..78217a37960b 100644
--- a/security/tomoyo/realpath.h
+++ b/security/tomoyo/realpath.h
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 3eeeae12c4dc..5b481912752a 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h
index a0c8f6e0bea4..41c6ebafb9c5 100644
--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -5,7 +5,7 @@
5 * 5 *
6 * Copyright (C) 2005-2009 NTT DATA CORPORATION 6 * Copyright (C) 2005-2009 NTT DATA CORPORATION
7 * 7 *
8 * Version: 2.2.0-pre 2009/02/01 8 * Version: 2.2.0 2009/04/01
9 * 9 *
10 */ 10 */
11 11
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-20 23:29:40 -0500