On Thu, Apr 30, 2020 at 4:17 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > Fix the SELinux netlink_send hook to properly handle multiple netlink > messages in a single sk_buff; each message is parsed and subject to > SELinux access control. Prior to this patch, SELinux only inspected > the first message in the sk_buff. > > Cc: stable@xxxxxxxxxxxxxxx > Reported-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx> > Reviewed-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx> > Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> > --- > security/selinux/hooks.c | 70 ++++++++++++++++++++++++++++++---------------- > 1 file changed, 45 insertions(+), 25 deletions(-) This has been merged into selinux/stable-5.7. -- paul moore www.paul-moore.com
