*** BLURB HERE ***
Andy Shevchenko (1):
  ipmi: use %*ph to print small buffer
Dan Carpenter (1):
  evm: Fix a small race in init_desc()
Eric Biggers (1):
  crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
Greg Kroah-Hartman (1):
  iommu: Properly export iommu_group_get_for_dev()
Herbert Xu (2):
  crypto: algif_skcipher - EBUSY on aio should be an error
  crypto: algif_skcipher - Use chunksize instead of blocksize
Lubomir Rintel (1):
  component: do not dereference opaque pointer in debugfs
Nishka Dasgupta (2):
  of: unittest: Add of_node_put() before return
  of: resolver: Add of_node_put() before return and break
Ondrej Mosnacek (1):
  selinux: reorder hooks to make runtime disable less broken
Roberto Sassu (1):
  evm: Check also if *tfm is an error pointer in init_desc()
Will Deacon (2):
  drivers/iommu: Export core IOMMU API symbols to permit modular drivers
  drivers/iommu: Allow IOMMU bus ops to be unregistered
 crypto/algif_skcipher.c             |  4 +-
 crypto/rsa-pkcs1pad.c               |  2 +
 drivers/base/component.c            |  8 +--
 drivers/char/ipmi/ipmi_msghandler.c | 27 ++-------
 drivers/iommu/iommu-sysfs.c         |  5 ++
 drivers/iommu/iommu.c               | 12 ++++
 drivers/of/resolver.c               | 12 +++-
 drivers/of/unittest.c               |  4 +-
 security/integrity/evm/evm_crypto.c | 45 +++++++-------
 security/selinux/hooks.c            | 93 ++++++++++++++++++++---------
 10 files changed, 129 insertions(+), 83 deletions(-)
From: Eric Biggers ebiggers@google.com
mainline inclusion
from mainline-v5.18-rc1
commit a24611ea356c7f3f0ec926da11b9482ac1f414fd
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6HB6T
CVE: NA
--------------------------------
Before checking whether the expected digest_info is present, we need to check that there are enough bytes remaining.
Fixes: a49de377e051 ("crypto: Add hash param to pkcs1pad")
Cc: stable@vger.kernel.org # v4.6+
Cc: Tadeusz Struk tadeusz.struk@linaro.org
Signed-off-by: Eric Biggers ebiggers@google.com
Signed-off-by: Herbert Xu herbert@gondor.apana.org.au
Conflicts:
	crypto/rsa-pkcs1pad.c
Signed-off-by: GUO Zihua guozihua@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 crypto/rsa-pkcs1pad.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c index 812476e46821..ab2e74e23a7d 100644 --- a/crypto/rsa-pkcs1pad.c +++ b/crypto/rsa-pkcs1pad.c @@ -475,6 +475,8 @@ static int pkcs1pad_verify_complete(struct akcipher_request *req, int err) goto done; pos++;
+ if (digest_info->size > dst_len - pos) + goto done; if (crypto_memneq(out_buf + pos, digest_info->data, digest_info->size)) goto done;
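Review bot: the added bound `digest_info->size > dst_len - pos` in pkcs1pad_verify_complete() is only safe if pos cannot exceed dst_len at this point, and the hunk increments pos immediately before it. If both are unsigned (their types are not visible here), pos > dst_len would wrap the subtraction and the crypto_memneq() would still read past the end of out_buf. Please either confirm from the preceding code that pos <= dst_len always holds here, or make the check self-contained, for example `if (pos > dst_len || digest_info->size > dst_len - pos)`. A one-line comment stating what is being bounded would also help the next backporter.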
From: Herbert Xu herbert@gondor.apana.org.au
stable inclusion
from stable-v4.19.153
commit b0112ecef7d8e65b71ee9e30d9635788ddcbb48b
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6FMKH
CVE: NA
--------------------------------
[ Upstream commit 2a05b029c1ee045b886ebf9efef9985ca23450de ]
I removed the MAY_BACKLOG flag on the aio path a while ago but the error check still incorrectly interpreted EBUSY as success. This may cause the submitter to wait for a request that will never complete.
Fixes: dad419970637 ("crypto: algif_skcipher - Do not set...")
Signed-off-by: Herbert Xu herbert@gondor.apana.org.au
Signed-off-by: Sasha Levin sashal@kernel.org
Signed-off-by: Lu Jialin lujialin4@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Reviewed-by: guozihua guozihua@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 crypto/algif_skcipher.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c index cfdaab2b7d76..4529ed2478bf 100644 --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -131,7 +131,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, crypto_skcipher_decrypt(&areq->cra_u.skcipher_req);
/* AIO operation in progress */ - if (err == -EINPROGRESS || err == -EBUSY) + if (err == -EINPROGRESS) return -EIOCBQUEUED;
sock_put(sk);
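Review bot: with -EBUSY dropped from the condition under the "AIO operation in progress" comment, -EBUSY now falls through to the `sock_put(sk);` path as an ordinary error, but nothing in the hunk says why. A short comment next to `if (err == -EINPROGRESS)` noting that the aio path no longer sets MAY_BACKLOG, so -EBUSY means the request was rejected rather than queued, would stop someone from re-adding it. Also worth confirming that the fall-through path releases areq, since no completion callback will run for a rejected request.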
From: Herbert Xu herbert@gondor.apana.org.au
mainline inclusion
from mainline-v5.5-rc1
commit 5b0fe9552336338acb52756daf65dd7a4eeca73f
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6F049
CVE: NA
--------------------------------
When algif_skcipher does a partial operation it always processes data that is a multiple of blocksize. However, for algorithms such as CTR this is wrong because even though it can process any number of bytes overall, the partial block must come at the very end and not in the middle.
This is exactly what chunksize is meant to describe so this patch changes blocksize to chunksize.
Fixes: 8ff590903d5f ("crypto: algif_skcipher - User-space...")
Signed-off-by: Herbert Xu herbert@gondor.apana.org.au
Acked-by: Ard Biesheuvel ard.biesheuvel@linaro.org
Signed-off-by: Herbert Xu herbert@gondor.apana.org.au
Conflicts:
	include/crypto/internal/skcipher.h
	include/crypto/skcipher.h
Signed-off-by: Lu Jialin lujialin4@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Reviewed-by: guozihua guozihua@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 crypto/algif_skcipher.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c index 4529ed2478bf..fe1f6b0f7c4c 100644 --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -60,7 +60,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg, struct alg_sock *pask = alg_sk(psk); struct af_alg_ctx *ctx = ask->private; struct crypto_skcipher *tfm = pask->private; - unsigned int bs = crypto_skcipher_blocksize(tfm); + unsigned int bs = crypto_skcipher_chunksize(tfm); struct af_alg_async_req *areq; int err = 0; size_t len = 0;
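Review bot: the Conflicts list names include/crypto/internal/skcipher.h and include/crypto/skcipher.h, yet the diffstat touches only crypto/algif_skcipher.c, so the backport message should say what was dropped and confirm that crypto_skcipher_chunksize() is already reachable from algif_skcipher.c in this tree. Separately, the local is still called `bs` while it now holds the chunk size; renaming it, or adding a comment at its declaration in _skcipher_recvmsg(), would keep later readers from assuming block granularity.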
From: Andy Shevchenko andy.shevchenko@gmail.com
mainline inclusion
from mainline-v5.5-rc1
commit 8ee7b485bbfbd182aa2c1a0a45812e151c1000bd
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I69WIO
CVE: NA
--------------------------------
Use %*ph format to print small buffer as hex string.
The change is safe since the specifier can handle up to 64 bytes and taking into account the buffer size of 100 bytes on stack the function has never been used to dump more than 32 bytes. Note, this also avoids potential buffer overflow if the length of the input buffer is bigger.
This completely eliminates ipmi_debug_msg() in favour of Dynamic Debug.
Signed-off-by: Andy Shevchenko andy.shevchenko@gmail.com
Signed-off-by: Andy Shevchenko andriy.shevchenko@linux.intel.com
Message-Id: 20191011155036.36748-1-andriy.shevchenko@linux.intel.com
Signed-off-by: Corey Minyard cminyard@mvista.com
Conflicts:
	drivers/char/ipmi/ipmi_msghandler.c
v2->v1: Add conflicts commit msg
Signed-off-by: Lu Jialin lujialin4@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/char/ipmi/ipmi_msghandler.c | 27 ++++-----------------------
 1 file changed, 4 insertions(+), 23 deletions(-)
diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c index 53758597c509..9aedd3588ecc 100644 --- a/drivers/char/ipmi/ipmi_msghandler.c +++ b/drivers/char/ipmi/ipmi_msghandler.c @@ -44,25 +44,6 @@ static void need_waiter(struct ipmi_smi *intf); static int handle_one_recv_msg(struct ipmi_smi *intf, struct ipmi_smi_msg *msg);
-#ifdef DEBUG -static void ipmi_debug_msg(const char *title, unsigned char *data, - unsigned int len) -{ - int i, pos; - char buf[100]; - - pos = snprintf(buf, sizeof(buf), "%s: ", title); - for (i = 0; i < len; i++) - pos += snprintf(buf + pos, sizeof(buf) - pos, - " %2.2x", data[i]); - pr_debug("%s\n", buf); -} -#else -static void ipmi_debug_msg(const char *title, unsigned char *data, - unsigned int len) -{ } -#endif - static bool initialized; static bool drvregistered;
@@ -2204,7 +2185,7 @@ static int i_ipmi_request(struct ipmi_user *user, ipmi_free_smi_msg(smi_msg); ipmi_free_recv_msg(recv_msg); } else { - ipmi_debug_msg("Send", smi_msg->data, smi_msg->data_size); + pr_debug("Send: %*ph\n", smi_msg->data_size, smi_msg->data);
smi_send(intf, intf->handlers, smi_msg, priority); } @@ -3675,7 +3656,7 @@ static int handle_ipmb_get_msg_cmd(struct ipmi_smi *intf, msg->data[10] = ipmb_checksum(&msg->data[6], 4); msg->data_size = 11;
- ipmi_debug_msg("Invalid command:", msg->data, msg->data_size); + pr_debug("Invalid command: %*ph\n", msg->data_size, msg->data);
rcu_read_lock(); if (!intf->in_shutdown) { @@ -4162,7 +4143,7 @@ static int handle_one_recv_msg(struct ipmi_smi *intf, int requeue; int chan;
- ipmi_debug_msg("Recv:", msg->rsp, msg->rsp_size); + pr_debug("Recv: %*ph\n", msg->rsp_size, msg->rsp); if (msg->rsp_size < 2) { /* Message is too small to be correct. */ dev_warn(intf->si_dev, @@ -4520,7 +4501,7 @@ smi_from_recv_msg(struct ipmi_smi *intf, struct ipmi_recv_msg *recv_msg, smi_msg->data_size = recv_msg->msg.data_len; smi_msg->msgid = STORE_SEQ_IN_MSGID(seq, seqid);
- ipmi_debug_msg("Resend: ", smi_msg->data, smi_msg->data_size); + pr_debug("Resend: %*ph\n", smi_msg->data_size, smi_msg->data);
return smi_msg; }
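Review bot: `%*ph` consumes an int field width, and the four new pr_debug() calls pass smi_msg->data_size, msg->data_size and msg->rsp_size directly; their types are not visible in these hunks, so please confirm they are int, or cast them, to avoid a varargs type mismatch. The commit message relies on the specifier handling at most 64 bytes, so a longer message would not be dumped in full; a brief comment at one call site would make that limit explicit. Note also that the output format changes slightly (the removed helper emitted the title, then ": ", then " %2.2x" per byte, and two callers passed titles that already ended in a colon), which matters to anyone grepping these debug lines.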
From: Lubomir Rintel lkundrak@v3.sk
stable inclusion
from stable-v4.19.101
commit b7d002c50902fdde05a087fb7c776287be0b86f1
category: bugfix
bugzilla: 29297, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
commit ef9ffc1e5f1ac73ecd2fb3b70db2a3b2472ff2f7 upstream.
The match data does not have to be a struct device pointer, and indeed very often is not. Attempting to treat it as such easily results in a crash.
For the components that are not registered, we don't know which device is missing. Once it is there, we can use the struct component to get the device and whether it's bound or not.
Fixes: 59e73854b5fd ('component: add debugfs support')
Signed-off-by: Lubomir Rintel lkundrak@v3.sk
Cc: stable stable@vger.kernel.org
Cc: Arnaud Pouliquen arnaud.pouliquen@st.com
Link: https://lore.kernel.org/r/20191118115431.63626-1-lkundrak@v3.sk
Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/base/component.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/base/component.c b/drivers/base/component.c index e8d676fad0c9..7f7c4233cd31 100644 --- a/drivers/base/component.c +++ b/drivers/base/component.c @@ -74,11 +74,11 @@ static int component_devices_show(struct seq_file *s, void *data) seq_printf(s, "%-40s %20s\n", "device name", "status"); seq_puts(s, "-------------------------------------------------------------\n"); for (i = 0; i < match->num; i++) { - struct device *d = (struct device *)match->compare[i].data; + struct component *component = match->compare[i].component;
- seq_printf(s, "%-40s %20s\n", dev_name(d), - match->compare[i].component ? - "registered" : "not registered"); + seq_printf(s, "%-40s %20s\n", + component ? dev_name(component->dev) : "(unknown)", + component ? (component->bound ? "bound" : "not bound") : "not registered"); } mutex_unlock(&component_mutex);
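Review bot: the replacement seq_printf() in component_devices_show() packs two nested conditionals into its argument list, which is hard to read and runs well past the usual line length. Pulling the name and the status into two local const char * variables before the call would make the three states (not registered, not bound, bound) obvious. For the not-registered rows every entry now prints "(unknown)", so including the index i in that row would at least let a user tell the missing matches apart.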
From: Will Deacon will@kernel.org
mainline inclusion
from mainline-v5.6-rc1
commit a7ba5c3d008dd78d881a1658eae5a2275ebd5087
category: bugfix
bugzilla: 30237, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
Building IOMMU drivers as modules requires that the core IOMMU API symbols are exported as GPL symbols.
Signed-off-by: Will Deacon will@kernel.org
Tested-by: John Garry john.garry@huawei.com # smmu v3
Reviewed-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
Signed-off-by: Joerg Roedel jroedel@suse.de
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/iommu/iommu-sysfs.c | 5 +++++
 drivers/iommu/iommu.c       | 7 +++++++
 2 files changed, 12 insertions(+)
diff --git a/drivers/iommu/iommu-sysfs.c b/drivers/iommu/iommu-sysfs.c index 36d1a7ce7fc4..05e430644b66 100644 --- a/drivers/iommu/iommu-sysfs.c +++ b/drivers/iommu/iommu-sysfs.c @@ -90,6 +90,7 @@ int iommu_device_sysfs_add(struct iommu_device *iommu, put_device(iommu->dev); return ret; } +EXPORT_SYMBOL_GPL(iommu_device_sysfs_add);
void iommu_device_sysfs_remove(struct iommu_device *iommu) { @@ -97,6 +98,8 @@ void iommu_device_sysfs_remove(struct iommu_device *iommu) device_unregister(iommu->dev); iommu->dev = NULL; } +EXPORT_SYMBOL_GPL(iommu_device_sysfs_remove); + /* * IOMMU drivers can indicate a device is managed by a given IOMMU using * this interface. A link to the device will be created in the "devices" @@ -122,6 +125,7 @@ int iommu_device_link(struct iommu_device *iommu, struct device *link)
return ret; } +EXPORT_SYMBOL_GPL(iommu_device_link);
void iommu_device_unlink(struct iommu_device *iommu, struct device *link) { @@ -131,3 +135,4 @@ void iommu_device_unlink(struct iommu_device *iommu, struct device *link) sysfs_remove_link(&link->kobj, "iommu"); sysfs_remove_link_from_group(&iommu->dev->kobj, "devices", dev_name(link)); } +EXPORT_SYMBOL_GPL(iommu_device_unlink); diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 84a59762b037..e9319050a13b 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -104,6 +104,7 @@ int iommu_device_register(struct iommu_device *iommu)
return 0; } +EXPORT_SYMBOL_GPL(iommu_device_register);
void iommu_device_unregister(struct iommu_device *iommu) { @@ -111,6 +112,7 @@ void iommu_device_unregister(struct iommu_device *iommu) list_del(&iommu->list); spin_unlock(&iommu_device_lock); } +EXPORT_SYMBOL_GPL(iommu_device_unregister);
static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus, unsigned type); @@ -825,6 +827,7 @@ struct iommu_group *iommu_group_ref_get(struct iommu_group *group) kobject_get(group->devices_kobj); return group; } +EXPORT_SYMBOL_GPL(iommu_group_ref_get);
/** * iommu_group_put - Decrement group reference @@ -1187,6 +1190,7 @@ struct iommu_group *generic_device_group(struct device *dev) { return iommu_group_alloc(); } +EXPORT_SYMBOL_GPL(generic_device_group);
/* * Use standard PCI bus topology, isolation features, and DMA alias quirks @@ -1254,6 +1258,7 @@ struct iommu_group *pci_device_group(struct device *dev) /* No shared group found, allocate new */ return iommu_group_alloc(); } +EXPORT_SYMBOL_GPL(pci_device_group);
/** * iommu_group_get_for_dev - Find or create the IOMMU group for a device @@ -1328,6 +1333,7 @@ struct iommu_group *iommu_group_get_for_dev(struct device *dev)
return group; } +EXPORT_SYMBOL(iommu_group_get_for_dev);
struct iommu_domain *iommu_group_default_domain(struct iommu_group *group) { @@ -2234,6 +2240,7 @@ struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start, region->type = type; return region; } +EXPORT_SYMBOL_GPL(iommu_alloc_resv_region);
/* Request that a device is direct mapped by the IOMMU */ int iommu_request_dm_for_dev(struct device *dev)
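Review bot: in the drivers/iommu/iommu.c part, iommu_group_get_for_dev() is exported with plain `EXPORT_SYMBOL(iommu_group_get_for_dev);` while every other export added by this patch uses EXPORT_SYMBOL_GPL, and the commit message says the symbols are exported as GPL symbols. This looks unintended. A later patch in this series changes it to _GPL, so the two should be applied together and no intermediate build should ship the non-GPL export.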
From: Will Deacon will@kernel.org
mainline inclusion
from mainline-v5.6-rc1
commit 4312cf7f16c8d43e154bf2a6eea6d1e9347c922c
category: bugfix
bugzilla: 30226, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
'bus_set_iommu()' allows IOMMU drivers to register their ops for a given bus type. Unfortunately, it then doesn't allow them to be removed, which is necessary for modular drivers to shut down cleanly so that they can be reloaded later on.
Allow 'bus_set_iommu()' to take a NULL 'ops' argument, which clears the ops pointer for the selected bus_type.
Signed-off-by: Will Deacon will@kernel.org
Tested-by: John Garry john.garry@huawei.com # smmu v3
Reviewed-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
Signed-off-by: Joerg Roedel jroedel@suse.de
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/iommu/iommu.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index e9319050a13b..aa63957c363f 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -1485,6 +1485,11 @@ int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops) { int err;
+ if (ops == NULL) { + bus->iommu_ops = NULL; + return 0; + } + if (bus->iommu_ops != NULL) return -EBUSY;
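Review bot: the new `ops == NULL` branch in bus_set_iommu() clears bus->iommu_ops unconditionally, with no check that the caller is the driver that installed them and no locking visible around the store. Any caller can therefore unregister another driver's ops, and the existing `bus->iommu_ops != NULL` check just below gives no protection in that direction. Please document the NULL semantics in the function's kernel-doc comment (who may call it, and what state the bus must be in), and consider whether setup done on the non-NULL path needs to be undone here as well.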
From: Nishka Dasgupta nishkadg.linux@gmail.com
mainline inclusion
from mainline-v5.4-rc1
commit a7bcae591f595a727feea9a5a389756015579072
category: bugfix
bugzilla: 22762, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
The local variable np in function of_unittest_platform_populate takes the return value of of_find_node_by_path, which gets a node but does not put it. If np is not put before return it may cause a memory leak. Hence put np before a return statement. Issue found with Coccinelle.
Signed-off-by: Nishka Dasgupta nishkadg.linux@gmail.com
Signed-off-by: Rob Herring robh@kernel.org
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/of/unittest.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/of/unittest.c b/drivers/of/unittest.c index 808571f7f6ef..9895d419894d 100644 --- a/drivers/of/unittest.c +++ b/drivers/of/unittest.c @@ -1040,8 +1040,10 @@ static void __init of_unittest_platform_populate(void) test_bus = platform_device_register_full(&test_bus_info); rc = PTR_ERR_OR_ZERO(test_bus); unittest(!rc, "testbus registration failed; rc=%i\n", rc); - if (rc) + if (rc) { + of_node_put(np); return; + } test_bus->dev.of_node = np;
/*
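Review bot: the added of_node_put(np) covers the early return, but the very next line, `test_bus->dev.of_node = np;`, hands the same reference to test_bus without saying so. A short comment there stating that ownership of np moves to test_bus (and where it is eventually dropped) would keep a later cleanup from adding a second put. If of_unittest_platform_populate() has further exits after this point, a single exit label would be less error-prone than per-return puts.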
From: Nishka Dasgupta nishkadg.linux@gmail.com
mainline inclusion
from mainline-v5.3-rc5
commit 60d437bbff358748fcfc3bce5f08da9a6b3761da
category: bugfix
bugzilla: 20547, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
Each iteration of for_each_child_of_node puts the previous node, but in the case of a return or break from the middle of the loop, there is no put, thus causing a memory leak. Hence add an of_node_put before the return or break in three places. Issue found with Coccinelle.
Signed-off-by: Nishka Dasgupta nishkadg.linux@gmail.com
Signed-off-by: Rob Herring robh@kernel.org
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/of/resolver.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/drivers/of/resolver.c b/drivers/of/resolver.c index 7edfac6f1914..ad5f24c2d2a9 100644 --- a/drivers/of/resolver.c +++ b/drivers/of/resolver.c @@ -206,16 +206,22 @@ static int adjust_local_phandle_references(struct device_node *local_fixups, for_each_child_of_node(local_fixups, child) {
for_each_child_of_node(overlay, overlay_child) - if (!node_name_cmp(child, overlay_child)) + if (!node_name_cmp(child, overlay_child)) { + of_node_put(overlay_child); break; + }
- if (!overlay_child) + if (!overlay_child) { + of_node_put(child); return -EINVAL; + }
err = adjust_local_phandle_references(child, overlay_child, phandle_delta); - if (err) + if (err) { + of_node_put(child); return err; + } }
return 0;
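Review bot: in the inner for_each_child_of_node(overlay, overlay_child) loop, the added of_node_put(overlay_child) runs before `break`, but overlay_child is still used afterwards: it is tested by `if (!overlay_child)` and then passed to the recursive adjust_local_phandle_references(child, overlay_child, phandle_delta). The reference is thus dropped before the node's last use. Holding it across the recursive call and putting it afterwards, on both the error and the success path, would be safer; if the overlay tree is guaranteed to outlive this function, please say so in a comment.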
From: Greg Kroah-Hartman gregkh@linuxfoundation.org
mainline inclusion
from mainline-v5.7-rc4
commit ae74c19faa7d7996e857e13165bd40fc4a285e0d
category: bugfix
bugzilla: 34842, https://gitee.com/openeuler/kernel/issues/I6H9U5
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
In commit a7ba5c3d008d ("drivers/iommu: Export core IOMMU API symbols to permit modular drivers") a bunch of iommu symbols were exported, all with _GPL markings except iommu_group_get_for_dev(). That export should also be _GPL like the others.
Fixes: a7ba5c3d008d ("drivers/iommu: Export core IOMMU API symbols to permit modular drivers")
Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
Acked-by: Will Deacon will@kernel.org
Cc: Joerg Roedel jroedel@suse.de
Cc: John Garry john.garry@huawei.com
Cc: Will Deacon will@kernel.org
Link: https://lore.kernel.org/r/20200430120120.2948448-1-gregkh@linuxfoundation.or...
Signed-off-by: Joerg Roedel jroedel@suse.de
Signed-off-by: Guo Mengqi guomengqi3@huawei.com
Reviewed-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 drivers/iommu/iommu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index aa63957c363f..16aa8f79eed4 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -1333,7 +1333,7 @@ struct iommu_group *iommu_group_get_for_dev(struct device *dev)
return group; } -EXPORT_SYMBOL(iommu_group_get_for_dev); +EXPORT_SYMBOL_GPL(iommu_group_get_for_dev);
struct iommu_domain *iommu_group_default_domain(struct iommu_group *group) {
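Review bot: the export being corrected at iommu_group_get_for_dev() is introduced by an earlier patch in this same series, so between the two patches the tree exposes that symbol to non-GPL modules. For a distribution backport it would be cleaner to fold this into the earlier patch, or at least to keep the two adjacent and land them together; if they stay separate, the backport note should mention the dependency explicitly.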
From: Roberto Sassu roberto.sassu@huawei.com
stable inclusion
from stable-v4.19.125
commit 4c7a2e76ae93577628a022d2d2adf5e0d8a89147
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AAU7
CVE: NA
----------------------------------------
[ Upstream commit 53de3b080d5eae31d0de219617155dcc34e7d698 ]
This patch avoids a kernel panic due to accessing an error pointer set by crypto_alloc_shash(). It occurs especially when there are many files that require an unsupported algorithm, as it would increase the likelihood of the following race condition:
Task A: *tfm = crypto_alloc_shash() <= error pointer
Task B: if (*tfm == NULL) <= *tfm is not NULL, use it
Task B: rc = crypto_shash_init(desc) <= panic
Task A: *tfm = NULL
This patch uses the IS_ERR_OR_NULL macro to determine whether or not a new crypto context must be created.
Cc: stable@vger.kernel.org
Fixes: d46eb3699502b ("evm: crypto hash replaced by shash")
Co-developed-by: Krzysztof Struczynski krzysztof.struczynski@huawei.com
Signed-off-by: Krzysztof Struczynski krzysztof.struczynski@huawei.com
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com
Signed-off-by: Mimi Zohar zohar@linux.ibm.com
Signed-off-by: Sasha Levin sashal@kernel.org
Signed-off-by: GONG, Ruiqi gongruiqi1@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 security/integrity/evm/evm_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 99298d1fe0ed..01652f4d8eb7 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -96,7 +96,7 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) algo = hash_algo_name[hash_algo]; }
- if (*tfm == NULL) { + if (IS_ERR_OR_NULL(*tfm)) { mutex_lock(&mutex); if (*tfm) goto out;
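Review bot: the new `IS_ERR_OR_NULL(*tfm)` test reads the shared *tfm outside the mutex, and, as the next patch in this series points out, its two conditions can both come out false if *tfm moves from an error pointer to NULL in between, after which the code continues with a NULL tfm. Checking harder on the reader side cannot close this window; the error pointer should never be stored in the shared *tfm in the first place. Allocate into a local and assign *tfm only on success, which is what the following patch does. If this patch is kept as a separate step, the two should land together.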
From: Dan Carpenter dan.carpenter@oracle.com
mainline inclusion
from mainline-v5.7-rc7
commit 8433856947217ebb5697a8ff9c4c9cad4639a2cf
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6AAU7
CVE: NA
----------------------------------------
The IS_ERR_OR_NULL() function has two conditions and if we got really unlucky we could hit a race where "ptr" started as an error pointer and then was set to NULL. Both conditions would be false even though the pointer at the end was NULL.
This patch fixes the problem by ensuring that "*tfm" can only be NULL or valid. I have introduced a "tmp_tfm" variable to make that work. I also reversed a condition and pulled the code in one tab.
Reported-by: Roberto Sassu roberto.sassu@huawei.com
Fixes: 53de3b080d5e ("evm: Check also if *tfm is an error pointer in init_desc()")
Signed-off-by: Dan Carpenter dan.carpenter@oracle.com
Acked-by: Roberto Sassu roberto.sassu@huawei.com
Acked-by: Krzysztof Struczynski krzysztof.struczynski@huawei.com
Signed-off-by: Mimi Zohar zohar@linux.ibm.com
Conflicts:
	security/integrity/evm/evm_crypto.c
Signed-off-by: GONG, Ruiqi gongruiqi1@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 security/integrity/evm/evm_crypto.c | 45 ++++++++++++++---------------
 1 file changed, 22 insertions(+), 23 deletions(-)
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index 01652f4d8eb7..5f11181cae05 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -78,7 +78,7 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) { long rc; const char *algo; - struct crypto_shash **tfm; + struct crypto_shash **tfm, *tmp_tfm; struct shash_desc *desc;
if (type == EVM_XATTR_HMAC) { @@ -96,32 +96,31 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo) algo = hash_algo_name[hash_algo]; }
- if (IS_ERR_OR_NULL(*tfm)) { - mutex_lock(&mutex); - if (*tfm) - goto out; - *tfm = crypto_alloc_shash(algo, 0, - CRYPTO_ALG_ASYNC | CRYPTO_NOLOAD); - if (IS_ERR(*tfm)) { - rc = PTR_ERR(*tfm); - pr_err("Can not allocate %s (reason: %ld)\n", algo, rc); - *tfm = NULL; + if (*tfm) + goto alloc; + mutex_lock(&mutex); + if (*tfm) + goto unlock; + + tmp_tfm = crypto_alloc_shash(algo, 0, CRYPTO_ALG_ASYNC | CRYPTO_NOLOAD); + if (IS_ERR(tmp_tfm)) { + pr_err("Can not allocate %s (reason: %ld)\n", algo, + PTR_ERR(tmp_tfm)); + mutex_unlock(&mutex); + return ERR_CAST(tmp_tfm); + } + if (type == EVM_XATTR_HMAC) { + rc = crypto_shash_setkey(tmp_tfm, evmkey, evmkey_len); + if (rc) { + crypto_free_shash(tmp_tfm); mutex_unlock(&mutex); return ERR_PTR(rc); } - if (type == EVM_XATTR_HMAC) { - rc = crypto_shash_setkey(*tfm, evmkey, evmkey_len); - if (rc) { - crypto_free_shash(*tfm); - *tfm = NULL; - mutex_unlock(&mutex); - return ERR_PTR(rc); - } - } -out: - mutex_unlock(&mutex); } - + *tfm = tmp_tfm; +unlock: + mutex_unlock(&mutex); +alloc: desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm), GFP_KERNEL); if (!desc)
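Review bot: the fast path `if (*tfm) goto alloc;` reads the shared pointer without the mutex, and `*tfm = tmp_tfm;` publishes it with a plain store, so nothing orders the initialisation of the tfm (including crypto_shash_setkey() in the EVM_XATTR_HMAC case) before the pointer becomes visible to a lockless reader. Pairing smp_store_release() on the publish with smp_load_acquire() on the fast path, or at least READ_ONCE() there, would make the double-checked pattern well defined. Minor: the label `alloc:` sits in front of the desc allocation, not the tfm allocation, so a name such as `alloc_desc` would read better next to `unlock:`.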
From: Ondrej Mosnacek omosnace@redhat.com
mainline inclusion
from mainline-v5.6-rc1
commit cfff75d8973ae4a90b3df3ae7fbba1ce9af9c8f0
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I6DRJ1
CVE: NA
----------------------------------------
Commit b1d9e6b0646d ("LSM: Switch to lists of hooks") switched the LSM infrastructure to use per-hook lists, which meant that removing the hooks for a given module was no longer atomic. Even though the commit clearly documents that modules implementing runtime removal of hooks (only SELinux attempts this madness) need to take special precautions to avoid race conditions, SELinux has never addressed this.
By inserting an artificial delay between the loop iterations of security_delete_hooks() (I used 100 ms), booting to a state where SELinux is enabled, but policy is not yet loaded, and running these commands:
    while true; do ping -c 1 <some IP>; done &
    echo -n 1 >/sys/fs/selinux/disable
    kill %1
    wait
...I was able to trigger NULL pointer dereferences in various places. I also have a report of someone getting panics on a stock RHEL-8 kernel after setting SELINUX=disabled in /etc/selinux/config and rebooting (without adding "selinux=0" to kernel command-line).
Reordering the SELinux hooks such that those that allocate structures are removed last seems to prevent these panics. It is very much possible that this doesn't make the runtime disable completely race-free, but at least it makes the operation much less fragile.
Cc: stable@vger.kernel.org
Fixes: b1d9e6b0646d ("LSM: Switch to lists of hooks")
Signed-off-by: Ondrej Mosnacek omosnace@redhat.com
Reviewed-by: Stephen Smalley sds@tycho.nsa.gov
Signed-off-by: Paul Moore paul@paul-moore.com
Conflicts:
	security/selinux/hooks.c
Signed-off-by: GONG, Ruiqi gongruiqi1@huawei.com
Reviewed-by: Wang Weiyang wangweiyang2@huawei.com
Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com
Signed-off-by: Yongqiang Liu liuyongqiang13@huawei.com
---
 security/selinux/hooks.c | 93 ++++++++++++++++++++++++++++------------
 1 file changed, 66 insertions(+), 27 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c44c95896f33..cd26c1199353 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6962,6 +6962,21 @@ static void selinux_bpf_prog_free(struct bpf_prog_aux *aux) } #endif
+/* + * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: + * 1. any hooks that don't belong to (2.) or (3.) below, + * 2. hooks that both access structures allocated by other hooks, and allocate + * structures that can be later accessed by other hooks (mostly "cloning" + * hooks), + * 3. hooks that only allocate structures that can be later accessed by other + * hooks ("allocating" hooks). + * + * Please follow block comment delimiters in the list to keep this order. + * + * This ordering is needed for SELinux runtime disable to work at least somewhat + * safely. Breaking the ordering rules above might lead to NULL pointer derefs + * when disabling SELinux at runtime. + */ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), @@ -6984,9 +6999,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(bprm_committing_creds, selinux_bprm_committing_creds), LSM_HOOK_INIT(bprm_committed_creds, selinux_bprm_committed_creds),
- LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), - LSM_HOOK_INIT(sb_copy_data, selinux_sb_copy_data), LSM_HOOK_INIT(sb_remount, selinux_sb_remount), LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), LSM_HOOK_INIT(sb_show_options, selinux_sb_show_options), @@ -6995,12 +7008,10 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_umount, selinux_umount), LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), - LSM_HOOK_INIT(sb_parse_opts_str, selinux_parse_opts_str),
LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as),
- LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security), LSM_HOOK_INIT(inode_init_security, selinux_inode_init_security), LSM_HOOK_INIT(inode_create, selinux_inode_create), @@ -7044,7 +7055,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(file_open, selinux_file_open),
LSM_HOOK_INIT(task_alloc, selinux_task_alloc), - LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), LSM_HOOK_INIT(cred_free, selinux_cred_free), LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), @@ -7072,24 +7082,19 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid),
- LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), LSM_HOOK_INIT(msg_msg_free_security, selinux_msg_msg_free_security),
- LSM_HOOK_INIT(msg_queue_alloc_security, - selinux_msg_queue_alloc_security), LSM_HOOK_INIT(msg_queue_free_security, selinux_msg_queue_free_security), LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv),
- LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), LSM_HOOK_INIT(shm_free_security, selinux_shm_free_security), LSM_HOOK_INIT(shm_associate, selinux_shm_associate), LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat),
- LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), LSM_HOOK_INIT(sem_free_security, selinux_sem_free_security), LSM_HOOK_INIT(sem_associate, selinux_sem_associate), LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), @@ -7101,13 +7106,11 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(setprocattr, selinux_setprocattr),
LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), - LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), LSM_HOOK_INIT(release_secctx, selinux_release_secctx), LSM_HOOK_INIT(inode_invalidate_secctx, selinux_inode_invalidate_secctx), LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), - LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx),
LSM_HOOK_INIT(unix_stream_connect, selinux_socket_unix_stream_connect), LSM_HOOK_INIT(unix_may_send, selinux_socket_unix_may_send), @@ -7130,7 +7133,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(socket_getpeersec_stream, selinux_socket_getpeersec_stream), LSM_HOOK_INIT(socket_getpeersec_dgram, selinux_socket_getpeersec_dgram), - LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), LSM_HOOK_INIT(sk_free_security, selinux_sk_free_security), LSM_HOOK_INIT(sk_clone_security, selinux_sk_clone_security), LSM_HOOK_INIT(sk_getsecid, selinux_sk_getsecid), @@ -7145,7 +7147,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(secmark_refcount_inc, selinux_secmark_refcount_inc), LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), - LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 
@@ -7155,17 +7156,11 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ib_pkey_access, selinux_ib_pkey_access), LSM_HOOK_INIT(ib_endport_manage_subnet, selinux_ib_endport_manage_subnet), - LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), LSM_HOOK_INIT(ib_free_security, selinux_ib_free_security), #endif #ifdef CONFIG_SECURITY_NETWORK_XFRM - LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), - LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), - LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), - LSM_HOOK_INIT(xfrm_state_alloc_acquire, - selinux_xfrm_state_alloc_acquire), LSM_HOOK_INIT(xfrm_state_free_security, selinux_xfrm_state_free), LSM_HOOK_INIT(xfrm_state_delete_security, selinux_xfrm_state_delete), LSM_HOOK_INIT(xfrm_policy_lookup, selinux_xfrm_policy_lookup), @@ -7175,14 +7170,12 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { #endif
#ifdef CONFIG_KEYS - LSM_HOOK_INIT(key_alloc, selinux_key_alloc), LSM_HOOK_INIT(key_free, selinux_key_free), LSM_HOOK_INIT(key_permission, selinux_key_permission), LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), #endif
#ifdef CONFIG_AUDIT - LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), LSM_HOOK_INIT(audit_rule_known, selinux_audit_rule_known), LSM_HOOK_INIT(audit_rule_match, selinux_audit_rule_match), LSM_HOOK_INIT(audit_rule_free, selinux_audit_rule_free), 
@@ -7192,11 +7185,53 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(bpf, selinux_bpf), LSM_HOOK_INIT(bpf_map, selinux_bpf_map), LSM_HOOK_INIT(bpf_prog, selinux_bpf_prog), - LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), - LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), #endif + + /* + * PUT "CLONING" (ACCESSING + ALLOCATING) HOOKS HERE + */ + LSM_HOOK_INIT(sb_copy_data, selinux_sb_copy_data), + LSM_HOOK_INIT(sb_parse_opts_str, selinux_parse_opts_str), +#ifdef CONFIG_SECURITY_NETWORK_XFRM + LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), +#endif + + /* + * PUT "ALLOCATING" HOOKS HERE + */ + LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), + LSM_HOOK_INIT(msg_queue_alloc_security, + selinux_msg_queue_alloc_security), + LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), + LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), + LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), + LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), + LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), + LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), + LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), + LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), + LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), +#ifdef CONFIG_SECURITY_INFINIBAND + LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), +#endif +#ifdef CONFIG_SECURITY_NETWORK_XFRM + LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), + LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), + LSM_HOOK_INIT(xfrm_state_alloc_acquire, + selinux_xfrm_state_alloc_acquire), +#endif +#ifdef CONFIG_KEYS + LSM_HOOK_INIT(key_alloc, selinux_key_alloc), +#endif +#ifdef 
CONFIG_AUDIT + LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), +#endif +#ifdef CONFIG_BPF_SYSCALL + LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), + LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), +#endif };
static __init int selinux_init(void) @@ -7385,14 +7420,18 @@ int selinux_disable(struct selinux_state *state)
selinux_enabled = 0;
+ /* + * Unregister netfilter hooks. + * Must be done before security_delete_hooks() to avoid breaking + * runtime disable. + */ + selinux_nf_ip_exit(); + security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks));
/* Try to destroy the avc node cache */ avc_disable();
- /* Unregister netfilter hooks. */ - selinux_nf_ip_exit(); - /* Unregister selinuxfs. */ exit_sel_fs();
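Review bot: in the selinux_hooks[] hunk, secid_to_secctx and inode_getsecctx are moved into the block headed PUT "ALLOCATING" HOOKS HERE, but nothing at that spot says why two hooks without "alloc" in their names belong there. A one-line comment next to them would help, presumably that they hand out a context buffer which is later given back through release_secctx (which stays in the first group), so the next person adding a hook can classify it the same way. The regrouping also leaves CONFIG_SECURITY_NETWORK_XFRM with three separate #ifdef blocks and gives CONFIG_SECURITY_INFINIBAND, CONFIG_KEYS, CONFIG_AUDIT and CONFIG_BPF_SYSCALL a second block each at the end of the array. The placement rule is enforced only by these comments, so each of the conditional tail blocks should be easy to find from the first block for the same option, for example with a short pointer comment at the original #ifdef.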
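Review bot: in the selinux_disable() hunk, the new comment above selinux_nf_ip_exit() states that the call "Must be done before security_delete_hooks() to avoid breaking runtime disable" but not what breaks if the order is reversed. Please name the dependency in the comment (which netfilter hook path relies on state that the LSM hooks maintain), otherwise a later cleanup can move the call back next to exit_sel_fs() without noticing. Since avc_disable() and exit_sel_fs() still run after security_delete_hooks(), it would also be worth saying in the same comment whether their position relative to the hook removal matters or is incidental.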