kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linux-xiaomi-chiron/security
History
Tetsuo Handa b9ef5513c9 smack: Check address length before reading address family 
KMSAN will complain if valid address length passed to bind()/connect()/
sendmsg() is shorter than sizeof("struct sockaddr"->sa_family) bytes.

Also, since smk_ipv6_port_label()/smack_netlabel_send()/
smack_ipv6host_label()/smk_ipv6_check()/smk_ipv6_port_check() are not
checking valid address length and/or address family, make sure we check
both. The minimal valid length in smack_socket_connect() is changed from
sizeof(struct sockaddr_in6) bytes to SIN6_LEN_RFC2133 bytes, for it seems
that Smack is not using "struct sockaddr_in6"->sin6_scope_id field.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
2019-04-29 17:32:27 -07:00
..
apparmor + Bug Fixes 2019-03-13 11:07:36 -07:00
integrity Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-03-10 17:37:29 -07:00
keys Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-03-10 17:37:29 -07:00
loadpin LoadPin: Initialize as ordered LSM 2019-01-08 13:18:43 -08:00
safesetid LSM: fix return value check in safesetid_init_securityfs() 2019-02-12 10:59:22 -08:00
selinux selinux: fix NULL dereference in policydb_destroy() 2019-03-18 12:19:48 -04:00
smack smack: Check address length before reading address family 2019-04-29 17:32:27 -07:00
tomoyo tomoyo: Bump version. 2019-02-19 14:17:25 -08:00
yama Linux 5.0-rc3 2019-01-22 14:33:10 -08:00
commoncap.c audit/stable-5.1 PR 20190305 2019-03-07 12:20:11 -08:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c security: fs: make inode explicitly non-modular 2018-12-12 14:58:51 -08:00
Kconfig LSM: Update list of SECURITYFS users in Kconfig 2019-03-01 09:52:54 -08:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-02-20 20:06:28 -08:00
Makefile LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-03-12 14:08:19 -07:00