[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: Re: [RFC]integrity: SELinux patch
From: Mimi Zohar <zohar () linux ! vnet ! ibm ! com>
Date: 2007-09-19 19:41:23
Message-ID: 1190230883.7323.3.camel () localhost ! localdomain
[Download RAW message or body]
On Wed, 2007-08-29 at 06:14 -0400, Mimi Zohar wrote:
> On Wed, 2007-08-29 at 00:16 -0400, Joshua Brindle wrote:
> > Mimi Zohar wrote:
> >
> > > Index: linux-2.6.23-rc3-mm1/security/selinux/ss/services.c
> > > ===================================================================
> > > --- linux-2.6.23-rc3-mm1.orig/security/selinux/ss/services.c
> > > +++ linux-2.6.23-rc3-mm1/security/selinux/ss/services.c
> > > @@ -305,12 +305,12 @@ static int context_struct_compute_av(str
> > > tclass <= SECCLASS_NETLINK_DNRT_SOCKET)
> > > tclass = SECCLASS_NETLINK_SOCKET;
> > >
> > > - if (!tclass || tclass > policydb.p_classes.nprim) {
> > > - printk(KERN_ERR "security_compute_av: unrecognized class %d\n",
> > > - tclass);
> > > - return -EINVAL;
> > > - }
> > > - tclass_datum = policydb.class_val_to_struct[tclass - 1];
> > > +// if (!tclass || tclass > policydb.p_classes.nprim) {
> > > +// printk(KERN_ERR "security_compute_av: unrecognized class %d\n",
> > > +// tclass);
> > > +// return -EINVAL;
> > > +// }
> > > +// tclass_datum = policydb.class_val_to_struct[tclass - 1];
> > >
> > >
> >
> > Err? Did you mean to submit it like this? This should be fixed by Eric's
> > patch to handle unknown classes anyway.
>
> I'm working off the latest -mm tree and that patch hasn't made it in yet,
> as well as some other patches. For example, additional security class
> numbers have been defined. So I will need to update SECCLASS_INTEGRITY
> as well. The above code was added in order to test the patch. Once the
> basic integrity concept has been reviewed and accepted, I will repost
> based on the latest selinux development source tree.
Ok, so how do I get the latest selinux development source tree?
Thanks!
Mimi Zohar
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic