Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 8b326f10ffb4b68c2ea40d78530a68f4e02931fa
commit8b326f10ffb4b68c2ea40d78530a68f4e02931fa[log] [tgz]
authorPaul Moore <paul@paul-moore.com>Tue Apr 28 09:59:02 2020 -0400
committerchrmhoffmann <chrmhoffmann@gmail.com>Mon Feb 08 21:21:39 2021 +0100
tree2b8c561fdd8f5d1ac8016ab472ea9c13834adddc
parenta1de117717a757edfff561f5a194e40b0636b53b [diff]
selinux: properly handle multiple messages in selinux_netlink_send()

commit fb73974172ffaaf57a7c42f35424d9aece1a5af6 upstream.

Fix the SELinux netlink_send hook to properly handle multiple netlink
messages in a single sk_buff; each message is parsed and subject to
SELinux access control.  Prior to this patch, SELinux only inspected
the first message in the sk_buff.

Cc: stable@vger.kernel.org
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
CVE-2020-0255
Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>
Change-Id: Ic48c400f42404363f742212de1933b9c5e88c59e
1 file changed
tree: 2b8c561fdd8f5d1ac8016ab472ea9c13834adddc
  1. android/
  2. arch/
  3. block/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .gitignore
  24. .mailmap
  25. AndroidKernel.mk
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS