Re: [PATCH] selinux: get netlabel_wildcard policycap from policy instead of cache

From: Paul Moore
Date: Mon Mar 17 2025 - 16:22:11 EST

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH v2 1/2] perf record: Add 8-byte aligned event type PERF_RECORD_COMPRESSED2"
Previous message: Jason Gunthorpe: "Re: [PATCH v4 0/3] iommu: Clean up cookie and sw_msi in struct iommu_domain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mar 12, 2025 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgoettsche@xxxxxxxxxxxxx> wrote:
>
> Retrieve the netlabel_wildcard policy capability in security_netif_sid()
> from the locked active policy instead of the cached value in
> selinux_state.
>
> Fixes: 8af43b61c17e ("selinux: support wildcard network interface names")
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
> ---
> security/selinux/ss/services.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)

As this is a fix for a commit in selinux/dev, I've gone ahead and merged
this into selinux/dev (with a /netlabel/netif/ tweak) to the commit
description.

Thanks everyone.

--
paul-moore.com

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH v2 1/2] perf record: Add 8-byte aligned event type PERF_RECORD_COMPRESSED2"
Previous message: Jason Gunthorpe: "Re: [PATCH v4 0/3] iommu: Clean up cookie and sw_msi in struct iommu_domain"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]