Unverified Commit 6ef38034 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!420 backport CVEs and bugfixes 

Merge Pull Request from: @LiuYongQiang0816 
 
Pull new CVEs:
CVE-2023-26545

a nbd bugfix from Zhong Jinghua
two selinux bugfixes from GONG, Ruiqi 
 
Link:https://gitee.com/openeuler/kernel/pulls/420

 

Reviewed-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parents 18e32b66 387bf44c

drivers/block/nbd.c

+1 −2
Original line number Diff line number Diff line
@@ -1706,7 +1706,6 @@ static int nbd_dev_add(int index) 
	struct gendisk *disk;

	struct request_queue *q;

	int err = -ENOMEM;

	int first_minor = index << part_shift;



	nbd = kzalloc(sizeof(struct nbd_device), GFP_KERNEL);

	if (!nbd)
@@ -1770,7 +1769,7 @@ static int nbd_dev_add(int index) 
	refcount_set(&nbd->refs, 1);

	INIT_LIST_HEAD(&nbd->list);

	disk->major = NBD_MAJOR;

	disk->first_minor = first_minor;

	disk->first_minor = index << part_shift;

	disk->fops = &nbd_fops;

	disk->private_data = nbd;

	sprintf(disk->disk_name, "nbd%d", index);

net/mpls/af_mpls.c

+4 −0
Original line number Diff line number Diff line
@@ -1375,6 +1375,7 @@ static int mpls_dev_sysctl_register(struct net_device *dev, 
free:

	kfree(table);

out:

	mdev->sysctl = NULL;

	return -ENOBUFS;

}
@@ -1384,6 +1385,9 @@ static void mpls_dev_sysctl_unregister(struct net_device *dev, 
	struct net *net = dev_net(dev);

	struct ctl_table *table;



	if (!mdev->sysctl)

		return;



	table = mdev->sysctl->ctl_table_arg;

	unregister_net_sysctl_table(mdev->sysctl);

	kfree(table);

security/selinux/hooks.c

+7 −3
Original line number Diff line number Diff line
@@ -7040,7 +7040,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 
	LSM_HOOK_INIT(inode_copy_up_xattr, selinux_inode_copy_up_xattr),



	LSM_HOOK_INIT(file_permission, selinux_file_permission),

	LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security),

	LSM_HOOK_INIT(file_free_security, selinux_file_free_security),

	LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl),

	LSM_HOOK_INIT(mmap_file, selinux_mmap_file),
@@ -7056,7 +7055,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 


	LSM_HOOK_INIT(task_alloc, selinux_task_alloc),

	LSM_HOOK_INIT(cred_free, selinux_cred_free),

	LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare),

	LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer),

	LSM_HOOK_INIT(cred_getsecid, selinux_cred_getsecid),

	LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as),
@@ -7207,7 +7205,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 
	LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security),

	LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security),

	LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security),

	LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank),

	LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security),

	LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security),

	LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx),

	LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx),
@@ -7232,6 +7230,12 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { 
	LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc),

	LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc),

#endif



	/*

	 * Hooks with tsec allocation should be kept until the really last

	 */

	LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank),

	LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare),

};



static __init int selinux_init(void)