plautrba / rpms / libselinux

Forked from rpms/libselinux 6 years ago
Clone
Source Code
GIT

Blame 0006-libselinux-initialize-last_policyload-in-selinux_sta.patch

3.1-5 3.5-rc2 SELinuxProject-selinux-issues-28 WIP-shared-tests copr-plautrba-selinux-fedora drop-dso.h f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f31-1862823-security_compute_user f32-fixselinux_restorecon f32-with-python2 f33-test-getsebool f7 f8 f9 libselinux-3.2-2 master master-split-patches patchwork476511 private-master-2.4 private-master-2.5 private-upstream-master python-metadata python-metadata-master rawhide security-compute-user test-PR test-getsebool test-patchwork-479449 tests-selinux-pr-70 tmt
  1.   c2f612087d9f2e46c5b758c255f5a1b59303592a
  2.   0006-libselinux-initialize-last_policyload-in-selinux_sta.patch
Blob History Raw
74de835 
From a63f93d83b57f1a10712c5fcd29be246e8eff20d Mon Sep 17 00:00:00 2001
74de835 
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
74de835 
Date: Tue, 25 Aug 2020 17:32:05 +0200
74de835 
Subject: [PATCH] libselinux: initialize last_policyload in
74de835 
 selinux_status_open()
74de835 
MIME-Version: 1.0
74de835 
Content-Type: text/plain; charset=UTF-8
74de835 
Content-Transfer-Encoding: 8bit
74de835
74de835 
If not initialized to the current policyload count, an enforcing change
74de835 
will trigger policyload-callbacks in selinux_status_updated().
74de835
74de835 
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
74de835 
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
74de835 
---
74de835 
 libselinux/src/sestatus.c | 15 ++++++++++++---
74de835 
 1 file changed, 12 insertions(+), 3 deletions(-)
74de835
74de835 
diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c
74de835 
index ca2d3bbf9cb2..9ff2785d876a 100644
74de835 
--- a/libselinux/src/sestatus.c
74de835 
+++ b/libselinux/src/sestatus.c
74de835 
@@ -278,9 +278,10 @@ static int fallback_cb_policyload(int policyload)
74de835 
  */
74de835 
 int selinux_status_open(int fallback)
74de835 
 {
74de835 
-	int	fd;
74de835 
-	char	path[PATH_MAX];
74de835 
-	long	pagesize;
74de835 
+	int		fd;
74de835 
+	char		path[PATH_MAX];
74de835 
+	long		pagesize;
74de835 
+	uint32_t	seqno;
74de835
74de835 
 	if (!selinux_mnt) {
74de835 
 		errno = ENOENT;
74de835 
@@ -304,6 +305,14 @@ int selinux_status_open(int fallback)
74de835 
 	selinux_status_fd = fd;
74de835 
 	last_seqno = (uint32_t)(-1);
74de835
74de835 
+	/* sequence must not be changed during references */
74de835 
+	do {
74de835 
+		seqno = read_sequence(selinux_status);
74de835 
+
74de835 
+		last_policyload = selinux_status->policyload;
74de835 
+
74de835 
+	} while (seqno != read_sequence(selinux_status));
74de835 
+
74de835 
 	/* No need to use avc threads if the kernel status page is available */
74de835 
 	avc_using_threads = 0;
74de835
74de835 
--
74de835 
2.29.0
74de835
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.