diff options
author | Paul Moore <paul@paul-moore.com> | 2016-06-09 16:40:37 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2016-06-09 16:40:37 +0200 |
commit | 8bebe88c0995f331b0614f413285ce2b1d6fe09c (patch) | |
tree | b8ad1ea05b35f57ad672d0806307d8e03a9da9a9 | |
parent | iucv: properly clone LSM attributes to newly created child sockets (diff) | |
download | linux-8bebe88c0995f331b0614f413285ce2b1d6fe09c.tar.xz linux-8bebe88c0995f331b0614f413285ce2b1d6fe09c.zip |
selinux: import NetLabel category bitmaps correctly
The existing ebitmap_netlbl_import() code didn't correctly handle the
case where the ebitmap_node was not aligned/sized to a power of two,
this patch fixes this (on x86_64 ebitmap_node contains six bitmaps
making a range of 0..383).
Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r-- | security/selinux/ss/ebitmap.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index 57644b1dc42e..894b6cdc11c5 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -165,7 +165,7 @@ int ebitmap_netlbl_import(struct ebitmap *ebmap, e_iter = kzalloc(sizeof(*e_iter), GFP_ATOMIC); if (e_iter == NULL) goto netlbl_import_failure; - e_iter->startbit = offset & ~(EBITMAP_SIZE - 1); + e_iter->startbit = offset - (offset % EBITMAP_SIZE); if (e_prev == NULL) ebmap->node = e_iter; else |