From patchwork Mon Jun 13 14:16:32 2016
X-Patchwork-Submitter: Paul Moore
X-Patchwork-Id: 9173131
Subject: [PATCH] netlabel: handle sparse category maps in netlbl_catmap_getlong()
From: Paul Moore
To: netdev@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov
Date: Mon, 13 Jun 2016 10:16:32 -0400
Message-ID: <146582739278.15237.7893325845379293452.stgit@localhost>
User-Agent: StGit/0.17.1-dirty

From: Paul Moore

In cases where the category bitmap is sparse enough that gaps exist
between netlbl_lsm_catmap structs, callers to netlbl_catmap_getlong()
could find themselves prematurely ending their search through the
category bitmap. Further, the methods used to calculate the 'idx' and
'off' values were incorrect for bitmaps this large.

This patch changes the netlbl_catmap_getlong() behavior so that it
always skips over gaps and calculates the index and offset values
correctly.

Signed-off-by: Paul Moore
---
 net/netlabel/netlabel_kapi.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index bd007a9..3c070f2 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c
@@ -609,20 +609,19 @@ int netlbl_catmap_getlong(struct netlbl_lsm_catmap *catmap, off = catmap->startbit; *offset = off; } - iter = _netlbl_catmap_getnode(&catmap, off, _CM_F_NONE, 0); + iter = _netlbl_catmap_getnode(&catmap, off, _CM_F_WALK, 0); if (iter == NULL) { *offset = (u32)-1; return 0; } if (off < iter->startbit) { - off = iter->startbit; - *offset = off; + *offset = iter->startbit; + off = 0; } else off -= iter->startbit; - idx = off / NETLBL_CATMAP_MAPSIZE; - *bitmap = iter->bitmap[idx] >> (off % NETLBL_CATMAP_SIZE); + *bitmap = iter->bitmap[idx] >> (off % NETLBL_CATMAP_MAPSIZE); return 0; }
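
Review bot: in the `if (off < iter->startbit)` branch, `*offset` is moved forward to `iter->startbit` when a gap is skipped, while the `else` branch leaves the caller's value in place, and nothing in the visible lines tells callers that the bitmap word they get back may describe a different position than the one they asked for. A sentence in the function's comment saying that callers must continue from the returned `*offset`, and must treat `(u32)-1` as end of map because the return value is 0 in both cases, would make that contract explicit. Two smaller points. `idx = off / NETLBL_CATMAP_MAPSIZE` indexes `iter->bitmap[]` with no bound visible here, so it relies on `_netlbl_catmap_getnode()` with `_CM_F_WALK` only returning a node that either contains `off` or starts after it; a short comment stating that invariant would help the next reader. And since the `if` arm keeps its braces, kernel coding style wants braces on the `else off -= iter->startbit;` arm as well.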