Re: [PATCH] selinux: reject invalid ebitmaps

From: Stephen Smalley
Date: Fri Sep 08 2023 - 15:04:59 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 5.15 14/15] libbpf: Free btf_vmlinux when closing bpf_object"
Previous message: John Ogness: "[PATCH printk v4 6/8] printk: nbcon: Add sequence handling"
Next in thread: Paul Moore: "Re: [PATCH] selinux: reject invalid ebitmaps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Aug 18, 2023 at 11:29 AM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> Reject ebitmaps with a node containing an empty map or with an incorrect
> highbit. Both checks are already performed by userspace, the former
> since 2008 (patch 13cd4c896068 ("initial import from svn trunk revision
> 2950")), the latter since v2.7 in 2017 (patch 75b14a5de10a ("libsepol:
> ebitmap: reject loading bitmaps with incorrect high bit")).
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>

Reviewed-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>

Next message: Sasha Levin: "[PATCH AUTOSEL 5.15 14/15] libbpf: Free btf_vmlinux when closing bpf_object"
Previous message: John Ogness: "[PATCH printk v4 6/8] printk: nbcon: Add sequence handling"
Next in thread: Paul Moore: "Re: [PATCH] selinux: reject invalid ebitmaps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]