Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp2291428ybz; Thu, 30 Apr 2020 14:29:34 -0700 (PDT) X-Google-Smtp-Source: APiQypLYvLscH0jVDFuRoQSGGQc9dVGbMhDgRgiTG/tiKKN/D64+uXdfvfxj4uaetM7/n2UlSOKn X-Received: by 2002:a05:6402:2032:: with SMTP id ay18mr974385edb.16.1588282174250; Thu, 30 Apr 2020 14:29:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588282174; cv=none; d=google.com; s=arc-20160816; b=hJ7667g2n21VDgwxARO2iWCNTwfWS3aeGzq50kJpzSzFf5r8ojZFpIjCVUvke5l2Kq SURT14KOz1PW7EgNmOt2MsMsT7Iw15DKvdxOyzIjU8KYX25hR3zSlMdG1oyMqssgEkOR kz3aDtWNNnSXvAIPzOGN9HY7F3TIoxnxNfoADHhHv4Ky6bi4Y92xOCt1OiXw6W5WkPJp ptkFYgurhEOQX7zXgBCrRgTU22J7J4QE9+nYA6BRVnXfHGFUA6zVWeJZjwYFTVPTzNBD 6u7aIFwrv6JtSNLskYl62V9YprUfx4NlB9w8BDHUiFtL77MBjbxoneCW2x/ohywWXIih dCpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :mime-version:dkim-signature; bh=ZoHEfmnTDcYESuGHbMmk2jQ8V1rJF9rmlj/si8zVjxI=; b=fQ1ghxNCWo9vNqwhjw08z1AxDHLpXQqK4fN+GyzxmTYHAvuYAWFzceTyFYqNjYfpIC xn1zj/mwv9iBavwpnZSTQY2Jat6Ba8BGXkqBWENzcfhbwq2ZTCCfV2YMU3PwQW4MhikU xEoi0kDjnKtsZI3B5olOvGYi3VSw84wTHk6ieN0hBqOn3cDxvRYjC7g8CTdu7YOe2yQt ZSXPzhf4wWLxDbITd54L3Y79oBG8eIts6rjWRQw3LT/kHei5hgr2I9PZq1n4NTNwx9dB H2fsVXp9YPwua7fkbt4nEYJqHcaBB1ZDW9npXmxi0mT+jT0hNo9p5STTtXgM3ILe81lb DMRg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=u43mV+hG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j20si455129ejs.316.2020.04.30.14.29.11; Thu, 30 Apr 2020 14:29:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=u43mV+hG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727808AbgD3VYe (ORCPT + 99 others); Thu, 30 Apr 2020 17:24:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41626 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1726470AbgD3VYd (ORCPT ); Thu, 30 Apr 2020 17:24:33 -0400 Received: from mail-ed1-x543.google.com (mail-ed1-x543.google.com [IPv6:2a00:1450:4864:20::543]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CCCABC035494 for ; Thu, 30 Apr 2020 14:24:32 -0700 (PDT) Received: by mail-ed1-x543.google.com with SMTP id k22so5770161eds.6 for ; Thu, 30 Apr 2020 14:24:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to:cc; bh=ZoHEfmnTDcYESuGHbMmk2jQ8V1rJF9rmlj/si8zVjxI=; b=u43mV+hGSTT4+UwN7S5H34Rl13o9HAwNg3reMvcv91FGB3/J/PQKAaZFJ/nQeimszj THdwtNIqmHQ0JM/vyg7n58WK7i+eO6w6ei1Eha2OHMyHSK2yNuB1ZQxeg374ux1IgYzI vRmwvziesLZIYRTX0nTIzUc5dB5xBETPxmwQ66CdMuXnJ1ISnquymOV5aWGUCxILtguO 2/V7AYrHZvKXQ/Tlp8jziBb0p/Q0813u8Vwdg4bF/yT5sE4Ho0EVXaNPW2F0YAfac6cf GFZJpTwp/3KlgkjkAz141tqNE1prHqV5Nio3IiZ1VKSmruzUiA9PW9wkiLQF5K6yZdh1 FTQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=ZoHEfmnTDcYESuGHbMmk2jQ8V1rJF9rmlj/si8zVjxI=; b=eA7A5kcNGieAjkgZOTpnaxI0bqcVo0ilxZiN90nbWZi97c6cqMMbSd8OPwugvEpjI+ Ix6zFch47/fkV53Uyw6rYyZCrDb+3trnoWFuZkgEDuDSIWs/STHkx9itetcfp24RJ07F T7ofi6krwd+5BcVm+G4cGqKlnejXEx8wpP3j/Ppn6ZNKJjIp9oy2gWTjxYx/AXJODNWR 30d98gtd51FB7gDcgVTonIgg/3bR0sy5lbGFI57i5tf2Trre3iW3PwfO6lE5RGC4x87G 9io0QrYJbZIMQco8DB0pG8qb/PUAwd/0yJe893L4T8e/on1t0OboD/+SpkKEhW7fpefM PP/Q== X-Gm-Message-State: AGi0PuZFAfgbp4yhHGhVk6m6zNvbvKw0J6hf+0ck8XLVFZcumeI/zzAi 2WXHG4QlmJckhlNR6ONSwRzvvRjx6uAx+uv9gJBb X-Received: by 2002:a50:d98b:: with SMTP id w11mr865134edj.196.1588281871459; Thu, 30 Apr 2020 14:24:31 -0700 (PDT) MIME-Version: 1.0 From: Paul Moore Date: Thu, 30 Apr 2020 17:24:20 -0400 Message-ID: Subject: [GIT PULL] SELinux fixes for v5.7 (#2) To: Linus Torvalds Cc: selinux@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Linus, Two more SELinux patches to fix problems in the v5.7-rcX releases. Wei Yongjun's patch fixes a return code in an error path, and my patch fixes a problem where we were not correctly applying access controls to all of the netlink messages in the netlink_send LSM hook. Both patches pass our tests without problem and currently apply cleanly on top of your master branch. Please merge for the next -rcX release. Thanks, -Paul -- The following changes since commit af15f14c8cfcee515f4e9078889045ad63efefe3: selinux: free str on error in str_read() (2020-04-15 17:23:16 -0400) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20200430 for you to fetch changes up to fb73974172ffaaf57a7c42f35424d9aece1a5af6: selinux: properly handle multiple messages in selinux_netlink_send() (2020-04-30 16:18:37 -0400) ---------------------------------------------------------------- selinux/stable-5.7 PR 20200430 ---------------------------------------------------------------- Paul Moore (1): selinux: properly handle multiple messages in selinux_netlink_send() Wei Yongjun (1): selinux: fix error return code in cond_read_list() security/selinux/hooks.c | 70 +++++++++++++++++++++---------- security/selinux/ss/conditional.c | 2 +- 2 files changed, 46 insertions(+), 26 deletions(-) -- paul moore www.paul-moore.com