aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJeff Vander Stoep <jeffv@google.com>2015-04-29 11:14:23 -0700
committerZiyan <jaraidaniel@gmail.com>2016-03-11 01:10:44 +0100
commitd7f611b35886ea55d7d4284a2c9397a6522382dd (patch)
tree86ae141a37e772eb1e8e87a2c72b721a05cffc05 /security
parente27358b95e22e19338ace0f7ef140a8ef74e5e04 (diff)
downloadkernel_samsung_tuna-d7f611b35886ea55d7d4284a2c9397a6522382dd.zip
kernel_samsung_tuna-d7f611b35886ea55d7d4284a2c9397a6522382dd.tar.gz
kernel_samsung_tuna-d7f611b35886ea55d7d4284a2c9397a6522382dd.tar.bz2
SELinux: ss: Fix policy write for ioctl operations
Security server omits the type field when writing out the contents of the avtab from /sys/fs/selinux/policy. This leads to a corrupt output. No impact on the running kernel or its loaded policy. Impacts CTS neverallow tests. Bug: 20665861 Change-Id: I657e18013dd5a1f40052bc2b02dd8e0afee9bcfb Signed-off-by: Jeff Vander Stoep <jeffv@google.com> (cherry picked from commit 8cdfb356b51e29494ca0b9e4e86727d6f841a52d)
Diffstat (limited to 'security')
-rw-r--r--security/selinux/ss/avtab.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index 2e4ff00..dd7466c 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -565,6 +565,9 @@ int avtab_write_item(struct policydb *p, struct avtab_node *cur, void *fp)
return rc;
if (cur->key.specified & AVTAB_OP) {
+ rc = put_entry(&cur->datum.u.ops->type, sizeof(u8), 1, fp);
+ if (rc)
+ return rc;
for (i = 0; i < ARRAY_SIZE(cur->datum.u.ops->op.perms); i++)
buf32[i] = cpu_to_le32(cur->datum.u.ops->op.perms[i]);
rc = put_entry(buf32, sizeof(u32),