number of symbols present in them
Signed-off-by: Vishal Goel
Signed-off-by: Amit Sahrawat
---
kernel/module.c | 35 ---
1 file changed, 20 insertions(+), 15 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c
index 646f1e2..d5b7b0a 100644
--- a/kernel
e depending upon the kzalloc cache sizes available in
system. Although the size of structure is 20 bytes only, resulting
in memory wastage per object in the default pool.
For e.g., if there are 2 rules, then it will save 240KB(2*12)
which is crucial for small memory targets.
Signed-off-by: Vis
will be no performance impact on system
Signed-off-by: Vishal Goel
Signed-off-by: Amit Sahrawat
---
security/smack/smackfs.c | 53 ++--
1 file changed, 15 insertions(+), 38 deletions(-)
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
ind
performance impact on system
Signed-off-by: Vishal Goel
Signed-off-by: Amit Sahrawat
---
security/smack/smackfs.c | 53 ++--
1 file changed, 15 insertions(+), 38 deletions(-)
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index f6482e5
From 2ac41a9bbbf267c33d1741d94f28aff2369b5cc1 Mon Sep 17 00:00:00 2001
From: Vishal Goel
Date: Wed, 4 Feb 2015 22:59:50 +0530
Subject: This patch fixes the undesired SMACK label (SMACK64IPIN)
update when a second bind call is made to same IP address & port, but with
different SMACK l
From b32429fe2ff2f1fbfcf2a939f9ff9e2e798d7e72 Mon Sep 17 00:00:00 2001
From: Vishal Goel
Date: Wed, 4 Feb 2015 19:45:08 +0530
Subject: This patch fixes the issue of "permission denied error" which
comes when 2 IPv6 servers are running and client tries to connect one of
them. Scenar
From 875727546f9ba0d3a98a906cff07fd710d72cadc Mon Sep 17 00:00:00 2001
From: Vishal Goel
Date: Wed, 4 Feb 2015 03:02:55 +0530
Subject: This patch adds the rcu synchronization mechanism in SMACK
IPv6 hooks while accessing smk_ipv6_port_list. Access to the port list is
vulnerable to a race
ets called
to free the socket security blob when the socket gets closed. In this
function,
port entry is searched in the list for the closing socket. If it is
found then "smk_can_reuse" field is set to 1.
"smk_can_reuse" field is set to 0 in smk_ipv6_port_label() function
after creating
cols (tcp or udp), then 2 different port entries
will be added in the list. Similarly which checking smack access in
smk_ipv6_port_check() function, port entry is searched on the basis of both
port and protocol.
Signed-off-by: Vishal Goel
Himanshu Shukla
---
security/smack/smack
process of being updated
Signed-off-by: Vishal Goel
Himanshu Shukla
---
security/smack/smack_lsm.c | 20 +++-
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index f1b17a4..87f0f0a 100644
--- a
d
to free the socket security blob when the socket gets closed. In this
function,
port entry is searched in the list for the closing socket. If it is
found then "smk_can_reuse" field is set to 1.
"smk_can_reuse" field is set to 0 in smk_ipv6_port_label() function
after creating
p or udp), then 2 different port entries will be
added in the list. Similarly which checking smack access in
smk_ipv6_port_check() function, port entry is searched on the basis of both
port and protocol.
Signed-off-by: Vishal Goel
Himanshu Shukla
---
security/smack/smack.h
process of being updated
Signed-off-by: Vishal Goel
Himanshu Shukla
---
security/smack/smack_lsm.c | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d515ec2..b3427ee 100644
--- a
13 matches
Mail list logo
