1 files changed, 40 insertions, 0 deletions

diff --git a/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0048-smack-Fix-a-bidirectional-UDS-connect-check-typo.patch b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0048-smack-Fix-a-bidirectional-UDS-connect-check-typo.patch
new file mode 100644
index 0000000..6df1e69
--- /dev/null
+++ b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0048-smack-Fix-a-bidirectional-UDS-connect-check-typo.patch
@@ -0,0 +1,40 @@
+From 8f134ed7adfba222fc1ea182accc95e7fb8e2be3 Mon Sep 17 00:00:00 2001
+From: Zbigniew Jasinski <z.jasinski@samsung.com>
+Date: Mon, 29 Dec 2014 15:34:58 +0100
+Subject: [PATCH 48/54] smack: Fix a bidirectional UDS connect check typo
+
+The 54e70ec5eb090193b03e69d551fa6771a5a217c4 commit introduced a
+bidirectional check that should have checked for mutual WRITE access
+between two labels. Due to a typo subject's OUT label is checked with
+object's OUT. Should be OUT to IN.
+
+Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>
+---
+ security/smack/smack_lsm.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
+index bc43227..c6f8664 100644
+--- a/security/smack/smack_lsm.c
++++ b/security/smack/smack_lsm.c
+@@ -3313,7 +3313,7 @@ static int smack_unix_stream_connect(struct sock *sock,
+ 
+ 	if (!smack_privileged(CAP_MAC_OVERRIDE)) {
+ 		skp = ssp->smk_out;
+-		okp = osp->smk_out;
++		okp = osp->smk_in;
+ #ifdef CONFIG_AUDIT
+ 		smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
+ 		smk_ad_setfield_u_net_sk(&ad, other);
+@@ -3321,6 +3321,8 @@ static int smack_unix_stream_connect(struct sock *sock,
+ 		rc = smk_access(skp, okp, MAY_WRITE, &ad);
+ 		rc = smk_bu_note("UDS connect", skp, okp, MAY_WRITE, rc);
+ 		if (rc == 0) {
++			okp = osp->smk_out;
++			skp = ssp->smk_in;
+ 			rc = smk_access(okp, skp, MAY_WRITE, NULL);
+ 			rc = smk_bu_note("UDS connect", okp, skp,
+ 						MAY_WRITE, rc);
+-- 
+2.1.4
+