security: Fix hook iteration for secid_to_secctx - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	KP Singh <[email protected]>	2020-05-20 14:56:16 +0200
committer	Alexei Starovoitov <[email protected]>	2020-05-20 20:12:07 -0700
commit	0550cfe8c2c6f8e7a4c348b6603a794576db12dd (patch)
tree	5d01836dd15038bed2fdd235c31d7e528e1fd9b3 /scripts/gdb/linux
parent	20a785aa52c82246055a089e55df9dac47d67da1 (diff)

security: Fix hook iteration for secid_to_secctx

secid_to_secctx is not stackable, and since the BPF LSM registers this hook by default, the call_int_hook logic is not suitable which "bails-on-fail" and casues issues when other LSMs register this hook and eventually breaks Audit. In order to fix this, directly iterate over the security hooks instead of using call_int_hook as suggested in: https: //lore.kernel.org/bpf/[email protected]/#t Fixes: 98e828a0650f ("security: Refactor declaration of LSM hooks") Fixes: 625236ba3832 ("security: Fix the default value of secid_to_secctx hook") Reported-by: Alexei Starovoitov <[email protected]> Signed-off-by: KP Singh <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Acked-by: James Morris <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]

Diffstat (limited to 'scripts/gdb/linux')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: