kernel-fxtec-pro1x/security
Jaihind Yadav 7742c3e9db selinux: ensure we cleanup the internal AVC counters on error in avc_update()
[ Upstream commit 030b995ad9ece9fa2d218af4429c1c78c2342096 ]

In AVC update we don't call avc_node_kill() when avc_xperms_populate()
fails, resulting in the avc->avc_cache.active_nodes counter having a
false value.  In last patch this changes was missed , so correcting it.

Fixes: fa1aa143ac ("selinux: extended permissions for ioctls")
Signed-off-by: Jaihind Yadav <jaihindyadav@codeaurora.org>
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
[PM: merge fuzz, minor description cleanup]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-02-24 08:34:43 +01:00
..
apparmor apparmor: don't try to replace stale label in ptrace access check 2020-01-27 14:49:55 +01:00
integrity
keys keys: Timestamp new keys 2020-01-27 14:50:23 +01:00
loadpin
selinux selinux: ensure we cleanup the internal AVC counters on error in avc_update() 2020-02-24 08:34:43 +01:00
smack LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00
tomoyo tomoyo: Use atomic_t for statistics counter 2020-02-05 14:43:38 +00:00
yama
commoncap.c LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00
device_cgroup.c
inode.c
Kconfig
lsm_audit.c
Makefile
min_addr.c
security.c LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00