From: Jiri Slaby <jslaby@suse.cz>
To: stable@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Eric Paris <eparis@redhat.com>,
	Paul Moore <pmoore@redhat.com>, Jiri Slaby <jslaby@suse.cz>
Subject: [PATCH 3.12 119/122] SELinux: fix selinuxfs policy file on big endian systems
Date: Tue, 17 Feb 2015 12:35:06 +0100
Message-ID: <ebf1059f4bc4e12a6878c44137f95fafc1fe55b3.1424099974.git.jslaby@suse.cz>
In-Reply-To: <09e6fe32192a77f6e2e60cc0f4103e630c7ecf20.1424099973.git.jslaby@suse.cz>
In-Reply-To: <cover.1424099973.git.jslaby@suse.cz>

From: Eric Paris <eparis@redhat.com>

3.12-stable review patch.  If anyone has any objections, please let me know.

===============

commit b138004ea0382bdc6d02599c39392651b4f63889 upstream.

The /sys/fs/selinux/policy file is not valid on big endian systems like
ppc64 or s390.  Let's see why:

static int hashtab_cnt(void *key, void *data, void *ptr)
{
	int *cnt = ptr;
	*cnt = *cnt + 1;

	return 0;
}

static int range_write(struct policydb *p, void *fp)
{
	size_t nel;
[...]
	/* count the number of entries in the hashtab */
	nel = 0;
	rc = hashtab_map(p->range_tr, hashtab_cnt, &nel);
	if (rc)
		return rc;
	buf[0] = cpu_to_le32(nel);
	rc = put_entry(buf, sizeof(u32), 1, fp);

So size_t is 64 bits.  But then we pass a pointer to it as we do to
hashtab_cnt.  hashtab_cnt thinks it is a 32 bit int and only deals with
the first 4 bytes.  On x86_64 which is little endian, those first 4
bytes are the least significant, so this works out fine.  On ppc64/s390
those first 4 bytes of memory are the high order bits.  So at the end of
the call to hashtab_map nel has a HUGE number.  But the least
significant 32 bits are all 0's.

We then pass that 64 bit number to cpu_to_le32() which happily truncates
it to a 32 bit number and does endian swapping.  But the low 32 bits are
all 0's.  So no matter how many entries are in the hashtab, big endian
systems always say there are 0 entries because I screwed up the
counting.

The fix is easy.  Use a 32 bit int, as the hashtab_cnt expects, for nel.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
 security/selinux/ss/policydb.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 4d35eb75f129..ee53ddca587b 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -3215,9 +3215,8 @@ static int range_write_helper(void *key, void *data, void *ptr)
 
 static int range_write(struct policydb *p, void *fp)
 {
-	size_t nel;
 	__le32 buf[1];
-	int rc;
+	int rc, nel;
 	struct policy_data pd;
 
 	pd.p = p;
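Review bot: at `int rc, nel;` the counter's type is still tied to hashtab_cnt() only by convention, because it is handed over as `void *ptr` and cast to `int *` there, so the compiler will not flag a later change back to a wider type. Consider declaring nel on its own line with a comment that it must match the `int *` used in hashtab_cnt(), and checking any other hashtab_map() call that passes hashtab_cnt for a counter declared as size_t.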
-- 
2.2.2
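
The counting bug described in the commit message, as an added example that is not part of the original patch or of the kernel source. It models nel as raw bytes in an explicit byte order so both layouts can be reproduced on any host; the function names are hypothetical and size_t is assumed to be 8 bytes, as the message states.

```c
#include <stdint.h>
#include <stdio.h>

/* Decode len bytes at p as an integer stored in the given byte order. */
static uint64_t load(const unsigned char *p, int len, int big_endian)
{
	uint64_t v = 0;
	for (int i = 0; i < len; i++)
		v = (v << 8) | p[big_endian ? i : len - 1 - i];
	return v;
}

/* Encode the low len bytes of v at p in the given byte order. */
static void store(unsigned char *p, int len, int big_endian, uint64_t v)
{
	for (int i = 0; i < len; i++)
		p[big_endian ? len - 1 - i : i] = (unsigned char)(v >> (8 * i));
}

/* Model of hashtab_cnt(): increments the 32-bit int found at ptr. */
static void cnt_as_int32(unsigned char *ptr, int big_endian)
{
	store(ptr, 4, big_endian, load(ptr, 4, big_endian) + 1);
}

/* Value of a width-byte nel (8 = size_t, 4 = int) after `entries` callbacks. */
uint64_t nel_after_count(int width, int big_endian, unsigned entries)
{
	unsigned char nel[8] = {0};
	for (unsigned i = 0; i < entries; i++)
		cnt_as_int32(nel, big_endian);
	return load(nel, width, big_endian);
}

/* What reaches the policy image: cpu_to_le32() keeps only the low 32 bits. */
uint32_t written_count(int width, int big_endian, unsigned entries)
{
	return (uint32_t)nel_after_count(width, big_endian, entries);
}

int main(void)
{
	for (int be = 0; be <= 1; be++)
		printf("%s: size_t nel=0x%llx written=%u, int nel written=%u\n",
		       be ? "big endian" : "little endian",
		       (unsigned long long)nel_after_count(8, be, 5),
		       written_count(8, be, 5), written_count(4, be, 5));
	return 0;
}
```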