These changes fix a bug in xattr handling, where the evm and ima
inode_setxattr() functions do not check for empty xattrs being passed from
userspace (leading to user-triggerable null pointer dereferences).
Please pull.
The following changes since commit 9f76628da20f96a179ca62b504886f99ecc29223:
Merge branch 'for-3.18' of git://linux-nfs.org/~bfields/linux (2014-10-28
13:32:06 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git
for-linus
Dmitry Kasatkin (2):
ima: check xattr value length and type in the ima_inode_setxattr()
evm: check xattr value length and type in evm_inode_setxattr()
James Morris (1):
Merge branch 'for-linus' of
git://git.kernel.org/.../zohar/linux-integrity into for-linus
security/integrity/evm/evm_main.c | 9 ++++++---
security/integrity/ima/ima_appraise.c | 2 ++
security/integrity/integrity.h | 1 +
3 files changed, 9 insertions(+), 3 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
