All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v2 0/1] selinux: fix error initialization in inode_doinit_with_dentry()
@ 2020-09-30  1:31 rentianyue
  0 siblings, 0 replies; 2+ messages in thread
From: rentianyue @ 2020-09-30  1:31 UTC (permalink / raw)
  To: Paul Moore, Stephen Smalley, Eric Paris, Andreas Gruenbacher
  Cc: yangzhao, selinux, Tianyue Ren

From: Tianyue Ren <rentianyue@kylinos.cn>

I think there is a error initialization for isec->sid when the dentry is NULL,
when we do "remount -o rw,remount ${rootmnt}" action before selinux policy loading.It's
leading kernel getting wrong security label "unlabeled_t" when the userspace access
files such as /etc/fstab.

This patch lets the label be invalid before it's initializated correctly.

v2: Modify the patch description

Tianyue Ren (1):
  selinux: fix error initialization in inode_doinit_with_dentry()

 security/selinux/hooks.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

-- 
2.28.0




^ permalink raw reply	[flat|nested] 2+ messages in thread
* [PATCH v2 0/1] selinux: fix error initialization in inode_doinit_with_dentry()
  2020-09-29 14:18 [PATCH v1 1/1] " Stephen Smalley
@ 2020-09-30  1:36 ` rentianyue
  0 siblings, 0 replies; 2+ messages in thread
From: rentianyue @ 2020-09-30  1:36 UTC (permalink / raw)
  To: Paul Moore, Stephen Smalley, Eric Paris, Andreas Gruenbacher
  Cc: yangzhao, selinux, Tianyue Ren

From: Tianyue Ren <rentianyue@kylinos.cn>

I think there is a error initialization for isec->sid when the dentry is NULL,
when we do "remount -o rw,remount ${rootmnt}" action before selinux policy loading.It's
leading kernel getting wrong security label "unlabeled_t" when the userspace access
files such as /etc/fstab.

This patch lets the label be invalid before it's initializated correctly.

v2: Modify the patch description

Tianyue Ren (1):
  selinux: fix error initialization in inode_doinit_with_dentry()

 security/selinux/hooks.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

-- 
2.28.0




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-09-30  1:38 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-30  1:31 [PATCH v2 0/1] selinux: fix error initialization in inode_doinit_with_dentry() rentianyue
  -- strict thread matches above, loose matches on Subject: below --
2020-09-29 14:18 [PATCH v1 1/1] " Stephen Smalley
2020-09-30  1:36 ` [PATCH v2 0/1] " rentianyue

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.