diff options
-rw-r--r-- | crypto-properly-label-AF_ALG-socket.patch | 44 | ||||
-rw-r--r-- | kernel.spec | 11 | ||||
-rw-r--r-- | sources | 2 |
3 files changed, 5 insertions, 52 deletions
diff --git a/crypto-properly-label-AF_ALG-socket.patch b/crypto-properly-label-AF_ALG-socket.patch deleted file mode 100644 index b42186bde..000000000 --- a/crypto-properly-label-AF_ALG-socket.patch +++ /dev/null @@ -1,44 +0,0 @@ -Th AF_ALG socket was missing a security label (e.g. SELinux) -which means that socket was in "unlabeled" state. - -This was recently demonstrated in the cryptsetup package -(cryptsetup v1.6.5 and later.) -See https://bugzilla.redhat.com/show_bug.cgi?id=1115120 - -This patch clones the sock's label from the parent sock -and resolves the issue (similar to AF_BLUETOOTH protocol family). - -Cc: stable@vger.kernel.org -Signed-off-by: Milan Broz <gmazyland@gmail.com> ---- - crypto/af_alg.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/crypto/af_alg.c b/crypto/af_alg.c -index 966f893..6a3ad80 100644 ---- a/crypto/af_alg.c -+++ b/crypto/af_alg.c -@@ -21,6 +21,7 @@ - #include <linux/module.h> - #include <linux/net.h> - #include <linux/rwsem.h> -+#include <linux/security.h> - - struct alg_type_list { - const struct af_alg_type *type; -@@ -243,6 +244,7 @@ int af_alg_accept(struct sock *sk, struct socket *newsock) - - sock_init_data(newsock, sk2); - sock_graft(sk2, newsock); -+ security_sk_clone(sk, sk2); - - err = type->accept(ask->private, sk2); - if (err) { --- -2.0.1 - -_______________________________________________ -Selinux mailing list -Selinux@tycho.nsa.gov -To unsubscribe, send email to Selinux-leave@tycho.nsa.gov. -To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
\ No newline at end of file diff --git a/kernel.spec b/kernel.spec index d491238eb..571f070dc 100644 --- a/kernel.spec +++ b/kernel.spec @@ -69,7 +69,7 @@ Summary: The Linux kernel # The rc snapshot level %define rcrev 7 # The git snapshot level -%define gitrev 3 +%define gitrev 4 # Set rpm version accordingly %define rpmversion 3.%{upstream_sublevel}.0 %endif @@ -643,9 +643,6 @@ Patch25110: 0001-ideapad-laptop-Change-Lenovo-Yoga-2-series-rfkill-ha.patch #rhbz 1117942 Patch25118: sched-fix-sched_setparam-policy-1-logic.patch -#rhbz 1115120 -Patch25120: crypto-properly-label-AF_ALG-socket.patch - # git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel Patch30000: kernel-arm64.patch @@ -1374,9 +1371,6 @@ ApplyPatch 0001-ideapad-laptop-Change-Lenovo-Yoga-2-series-rfkill-ha.patch #rhbz 1117942 ApplyPatch sched-fix-sched_setparam-policy-1-logic.patch -#rhbz 1115120 -ApplyPatch crypto-properly-label-AF_ALG-socket.patch - %if 0%{?aarch64patches} ApplyPatch kernel-arm64.patch %ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does. @@ -2259,6 +2253,9 @@ fi # ||----w | # || || %changelog +* Fri Aug 01 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.16.0-0.rc7.git4.1 +- Linux v3.16-rc7-84-g6f0928036bcb + * Thu Jul 31 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.16.0-0.rc7.git3.1 - Linux v3.16-rc7-76-g3a1122d26c62 @@ -1,4 +1,4 @@ 97ca1625bb40368dc41b9a7971549071 linux-3.15.tar.xz ef8f4db937f521a7e323ec589536ba25 perf-man-3.15.tar.gz cf68262d938c6ec27bc96896beb8549f patch-3.16-rc7.xz -1c67029928355381d4d884f17627c800 patch-3.16-rc7-git3.xz +e0a01b33426ee65469142433358003ce patch-3.16-rc7-git4.xz |