]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit - net/netlabel/netlabel_unlabeled.c
projects / mirror_ubuntu-jammy-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6afcff0) | patch
UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser
authorCasey Schaufler <casey@schaufler-ca.com>
Thu, 20 Aug 2020 18:47:01 +0000 (11:47 -0700)
committerPaolo Pisati <paolo.pisati@canonical.com>
Tue, 2 Nov 2021 07:24:52 +0000 (08:24 +0100)
commitb1393bc060f8c43c113dc12ec819783d6e5e8903
tree11e39fdb609a5e85311c9477d48197508d2a98betree
parent6afcff0a611a2768353e50319fabcacc1a41ea53commit | diff
UBUNTU: SAUCE: LSM: Ensure the correct LSM context releaser

Add a new lsmcontext data structure to hold all the information
about a "security context", including the string, its size and
which LSM allocated the string. The allocation information is
necessary because LSMs have different policies regarding the
lifecycle of these strings. SELinux allocates and destroys
them on each use, whereas Smack provides a pointer to an entry
in a list that never goes away.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-integrity@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
15 files changed:
drivers/android/binder.c diff | blob | blame | history
fs/ceph/xattr.c diff | blob | blame | history
fs/nfs/nfs4proc.c diff | blob | blame | history
fs/nfsd/nfs4xdr.c diff | blob | blame | history
include/linux/security.h diff | blob | blame | history
include/net/scm.h diff | blob | blame | history
kernel/audit.c diff | blob | blame | history
kernel/auditsc.c diff | blob | blame | history
net/ipv4/ip_sockglue.c diff | blob | blame | history
net/netfilter/nf_conntrack_netlink.c diff | blob | blame | history
net/netfilter/nf_conntrack_standalone.c diff | blob | blame | history
net/netfilter/nfnetlink_queue.c diff | blob | blame | history
net/netlabel/netlabel_unlabeled.c diff | blob | blame | history
net/netlabel/netlabel_user.c diff | blob | blame | history
security/security.c diff | blob | blame | history
Ubuntu Jammy Linux kernel mirror