From 306076886739b9bbfcae89437318756dd4a50dbd Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Mon, 23 Nov 2009 16:47:23 -0500
Subject: [PATCH] --- yaml --- r: 169173 b: refs/heads/master c:
 0bce95279909aa4cc401a2e3140b4295ca22e72a h: refs/heads/master i:   169171:
 bd75ba06b9f7ee0b0e1b27c4d48e8ba9ed087c48 v: v3

---
 [refs]                               | 2 +-
 trunk/security/selinux/avc.c         | 2 +-
 trunk/security/selinux/ss/services.c | 7 +++++++
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/[refs] b/[refs]
index 7044644f6dfe..864146a04bdb 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: c4a5af54c8ef277a59189fc9358e190f3c1b8206
+refs/heads/master: 0bce95279909aa4cc401a2e3140b4295ca22e72a
diff --git a/trunk/security/selinux/avc.c b/trunk/security/selinux/avc.c
index 18f4103e02b7..f2dde268165a 100644
--- a/trunk/security/selinux/avc.c
+++ b/trunk/security/selinux/avc.c
@@ -117,7 +117,7 @@ static void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
 	i = 0;
 	perm = 1;
 	while (i < (sizeof(av) * 8)) {
-		if (perm & av) {
+		if ((perm & av) && perms[i]) {
 			audit_log_format(ab, " %s", perms[i]);
 			av &= ~perm;
 		}
diff --git a/trunk/security/selinux/ss/services.c b/trunk/security/selinux/ss/services.c
index 77f6e54bb43f..d6bb20cbad62 100644
--- a/trunk/security/selinux/ss/services.c
+++ b/trunk/security/selinux/ss/services.c
@@ -239,6 +239,13 @@ static void map_decision(u16 tclass, struct av_decision *avd,
 			if (!allow_unknown && !current_mapping[tclass].perms[i])
 				result |= 1<<i;
 		}
+		/*
+		 * In case the kernel has a bug and requests a permission
+		 * between num_perms and the maximum permission number, we
+		 * should audit that denial
+		 */
+		for (; i < (sizeof(u32)*8); i++)
+			result |= 1<<i;
 		avd->auditdeny = result;
 	}
 }