From: "J. Bruce Fields" <bfields@fieldses.org>
To: Serge Hallyn <serge.hallyn@canonical.com>
Cc: linux-security-module@vger.kernel.org, linux-nfs@vger.kernel.org,
"David P. Quigley" <dpquigl@tycho.nsa.gov>,
Steve Dickson <SteveD@redhat.com>
Subject: [PATCH] security: cap_inode_getsecctx returning garbage
Date: Wed, 8 May 2013 21:43:29 -0400 [thread overview]
Message-ID: <20130509014329.GH23747@fieldses.org> (raw)
From: "J. Bruce Fields" <bfields@redhat.com>
We shouldn't be returning success from this function without also
filling in the return values ctx and ctxlen.
Note currently this doesn't appear to cause bugs since the only
inode_getsecctx caller I can find is fs/sysfs/inode.c, which only calls
this if security_inode_setsecurity succeeds. Assuming
security_inode_setsecurity is set to cap_inode_setsecurity whenever
inode_getsecctx is set to cap_inode_getsecctx, this function can never
actually called.
So I noticed this only because the server labeled NFS patches add a real
caller.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
---
security/capability.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Also, assuming this is correct, would you be willing to apply it for
3.10?
If you'd prefer it wait till the next merge window: could you ACK it,
and let me merge it through the nfsd tree? (It's a prerequisite for
the labeled NFS patches that I hope to merge for 3.11.)
diff --git a/security/capability.c b/security/capability.c
index d32e16e..32b5157 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -858,7 +858,7 @@ static int cap_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
static int cap_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
{
- return 0;
+ return -EOPNOTSUPP;
}
#ifdef CONFIG_KEYS
static int cap_key_alloc(struct key *key, const struct cred *cred,
--
1.7.9.5
next reply other threads:[~2013-05-09 1:43 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-09 1:43 J. Bruce Fields [this message]
2013-05-09 5:49 ` [PATCH] security: cap_inode_getsecctx returning garbage Serge Hallyn
2013-05-09 14:08 ` J. Bruce Fields
2013-05-09 15:13 ` Serge Hallyn
2013-05-09 15:41 ` [PATCH] security: clarify cap_inode_getsecctx description J. Bruce Fields
2013-05-12 11:37 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130509014329.GH23747@fieldses.org \
--to=bfields@fieldses.org \
--cc=SteveD@redhat.com \
--cc=dpquigl@tycho.nsa.gov \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge.hallyn@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.