summaryrefslogtreecommitdiff
path: root/security/selinux
diff options
context:
space:
mode:
authorPablo Neira <pablo@netfilter.org>2015-10-13 12:47:48 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-10-15 06:45:03 +0200
commit8cbc870829ecd8f1062f2a756683c80e2d1eae7f (patch)
treea6aef860ba8faa818349f7033e574f4b060485ee /security/selinux
parent336a3b3ee925362ca720342bbae4f36b2215064a (diff)
netfilter: nfnetlink_log: validate dependencies to avoid breaking atomicity
Check that dependencies are fulfilled before updating the logger instance, otherwise we can leave things in intermediate state on errors in nfulnl_recv_config(). [ Ken-ichirou reports that this is also fixing missing instance refcnt drop on error introduced in his patch 914eebf2f434 ("netfilter: nfnetlink_log: autoload nf_conntrack_netlink module NFQA_CFG_F_CONNTRACK config flag"). ] Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Tested-by: Ken-ichirou MATSUZAWA <chamaken@gmail.com>
Diffstat (limited to 'security/selinux')
0 files changed, 0 insertions, 0 deletions