#ifndef GEOIPH_H #define GEOIPH_H #include #include #include "config.h" #include "die.h" #if defined(HAVE_GEOIP) && defined(HAVE_LIBZ) extern void init_geoip(int enforce); extern void update_geoip(void); extern int geoip_working(void); extern const char *geoip4_city_name(struct sockaddr_in sa); extern const char *geoip6_city_name(struct sockaddr_in6 sa); extern const char *geoip4_region_name(struct sockaddr_in sa); extern const char *geoip6_region_name(struct sockaddr_in6 sa); extern const char *geoip4_country_name(struct sockaddr_in sa); extern const char *geoip6_country_name(struct sockaddr_in6 sa); extern float geoip4_longitude(struct sockaddr_in sa); extern float geoip4_latitude(struct sockaddr_in sa); extern float geoip6_longitude(struct sockaddr_in6 sa); extern float geoip6_latitude(struct sockaddr_in6 sa); extern const char *geoip4_as_name(struct sockaddr_in sa); extern const char *geoip6_as_name(struct sockaddr_in6 sa); extern void destroy_geoip(void); #else static inline void init_geoip(int enforce) { } static inline void destroy_geoip(void) { } static inline void update_geoip(void) { panic("No built-in geoip support!\n"); } static inline int geoip_working(void) { return 0; } static inline const char *geoip4_city_name(struct sockaddr_in sa) { return NULL; } static inline const char *geoip6_city_name(struct sockaddr_in6 sa) { return NULL; } static inline const char *geoip4_region_name(struct sockaddr_in sa) { return NULL; } static inline const char *geoip6_region_name(struct sockaddr_in6 sa) { return NULL; } static inline const char *geoip4_country_name(struct sockaddr_in sa) { return NULL; } static inline const char *geoip6_country_name(struct sockaddr_in6 sa) { return NULL; } static inline float geoip4_longitude(struct sockaddr_in sa) { return .0f; } static inline float geoip4_latitude(struct sockaddr_in sa) { return .0f; } static inline float geoip6_longitude(struct sockaddr_in6 sa) { return .0f; } static inline float geoip6_latitude(struct sockaddr_in6 sa) { return .0f; } static inline const char *geoip4_as_name(struct sockaddr_in sa) { return NULL; } static inline const char *geoip6_as_name(struct sockaddr_in6 sa) { return NULL; } #endif #endif /* GEOIPH_H */ ass='right' method='get' action='/cgit.cgi/linux/net-next.git/log/security'>
diff options
context:
space:
mode:
authorSeth Forshee <seth.forshee@canonical.com>2016-08-01 08:19:10 -0500
committerMimi Zohar <zohar@linux.vnet.ibm.com>2016-11-13 22:50:11 -0500
commitb4bfec7f4a86424b114f94f41c4e1841ec102df3 (patch)
tree9f4a668c3d28ef3de0743d3dda285829b38a85a3 /security
parent5465d02a4970990d8ec692c7539af5fdde95e613 (diff)
security/integrity: Harden against malformed xattrs
In general the handling of IMA/EVM xattrs is good, but I found a few locations where either the xattr size or the value of the type field in the xattr are not checked. Add a few simple checks to these locations to prevent malformed or malicious xattrs from causing problems. Signed-off-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')