raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-27 12:32:50 +00:00
Code Issues Projects Releases Wiki Activity
Files
d4e2e71cbbdf91f41ea32a42a9f4cea9ff5da42f
linux/security
History
Stephen Smalley 85d98254ea selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len 
commit 86c8db86af upstream.

We should count the terminating NUL byte as part of the ctx_len.
Otherwise, UBSAN logs a warning:
  UBSAN: array-index-out-of-bounds in security/selinux/xfrm.c:99:14
  index 60 is out of range for type 'char [*]'

The allocation itself is correct so there is no actual out of bounds
indexing, just a warning.

Cc: stable@vger.kernel.org
Suggested-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/selinux/CAEjxPJ6tA5+LxsGfOJokzdPeRomBHjKLBVR6zbrg+_w3ZZbM3A@mail.gmail.com/
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-06-27 11:13:34 +01:00
..
apparmor
Change inode_operations.mkdir to return struct dentry *
2025-02-27 20:00:17 +01:00
bpf
bpf: lsm: Remove hook to bpf_task_storage_free
2024-12-16 12:32:31 -08:00
integrity
ima: process_measurement() needlessly takes inode_lock() on MAY_READ
2025-04-22 16:39:32 +02:00
ipe
ipe: policy_fs: fix kernel-doc warnings
2025-03-24 13:36:00 -07:00
keys
Merge tag 'v6.15-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2025-03-29 10:01:55 -07:00
landlock
landlock: Improve bit operations in audit code
2025-05-12 11:38:53 +02:00
loadpin
loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported
2025-03-03 09:35:50 -08:00
lockdown
lockdown: initialize local array before use to quiet static analysis
2025-01-05 12:48:43 -05:00
safesetid
safesetid: check size of policy writes
2025-01-04 22:46:09 -05:00
selinux
selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
2025-06-27 11:13:34 +01:00
smack
smack: recognize ipv4 CIPSO w/o categories
2025-02-16 14:17:55 -08:00
tomoyo
tomoyo: use better patterns for procfs in learning mode
2025-01-31 00:27:44 +09:00
yama
yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl()
2025-03-07 19:58:05 -08:00
commoncap.c
capability: Remove unused has_capability
2025-03-07 22:03:09 -06:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
lsm: Use IS_ERR_OR_NULL() helper function
2024-08-29 11:12:13 -04:00
Kconfig
mseal sysmap: kernel config and header change
2025-04-01 15:17:14 -07:00
Kconfig.hardening
hardening: Disable GCC randstruct for COMPILE_TEST
2025-04-15 13:50:17 -07:00
lsm_audit.c
Merge tag 'landlock-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux
2025-03-28 12:37:13 -07:00
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
2025-01-04 11:50:44 -05:00
min_addr.c
security: min_addr: move sysctl to security/min_addr.c
2025-02-07 16:53:04 +01:00
security.c
Merge tag 'bpf-next-6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2025-03-30 12:43:03 -07:00