From mboxrd@z Thu Jan 1 00:00:00 1970 From: gregkh@linuxfoundation.org (Greg KH) Date: Thu, 1 Feb 2018 18:04:47 +0100 Subject: [PATCH v2] general protection fault in sock_has_perm In-Reply-To: <5fb5622d-e58b-c174-3d5c-bfe55569b88e@android.com> References: <20180201153708.63506-1-salyzyn@android.com> <5fb5622d-e58b-c174-3d5c-bfe55569b88e@android.com> Message-ID: <20180201170447.GE12838@kroah.com> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On Thu, Feb 01, 2018 at 08:20:13AM -0800, Mark Salyzyn wrote: > On 02/01/2018 08:00 AM, Paul Moore wrote: > > On Thu, Feb 1, 2018 at 10:37 AM, Mark Salyzyn wrote: > > > In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket > > > flag") and all the associated infrastructure changes to take advantage > > > of a RCU grace period before freeing, there is a heightened > > > possibility that a security check is performed while an ill-timed > > > setsockopt call races in from user space. It then is prudent to null > > > check sk_security, and if the case, reject the permissions. > > > > > > . . . > > > ---[ end trace 7b5aaf788fef6174 ]--- > > > > > > Signed-off-by: Mark Salyzyn > > > Signed-off-by: Paul Moore > > No, in the previous thread I gave my ack, not my sign-off; please be > > more careful in the future. It may seem silly, especially in this > > particular case, but it is an important distinction when things like > > the DCO are concerned. > > > > Anyway, here is my ack again. > > > > Acked-by: Paul Moore > > > Ok, both Greg KH and yours should be considered Acked-By. Been overstepping > this boundary for _years_. AFAIK Signed-off-by is still pending from Stephen > Smalley before this can roll in. An ack is all I need here, or I can just rely on Paul's :) I'll edit up Paul's when I apply this. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 1 Feb 2018 18:04:47 +0100 From: Greg KH To: Mark Salyzyn Cc: Paul Moore , linux-kernel@vger.kernel.org, Paul Moore , Eric Dumazet , Stephen Smalley , selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org, Eric Paris , "Serge E . Hallyn" , stable , James Morris Message-ID: <20180201170447.GE12838@kroah.com> References: <20180201153708.63506-1-salyzyn@android.com> <5fb5622d-e58b-c174-3d5c-bfe55569b88e@android.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <5fb5622d-e58b-c174-3d5c-bfe55569b88e@android.com> Subject: Re: [PATCH v2] general protection fault in sock_has_perm List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: On Thu, Feb 01, 2018 at 08:20:13AM -0800, Mark Salyzyn wrote: > On 02/01/2018 08:00 AM, Paul Moore wrote: > > On Thu, Feb 1, 2018 at 10:37 AM, Mark Salyzyn wrote: > > > In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket > > > flag") and all the associated infrastructure changes to take advantage > > > of a RCU grace period before freeing, there is a heightened > > > possibility that a security check is performed while an ill-timed > > > setsockopt call races in from user space. It then is prudent to null > > > check sk_security, and if the case, reject the permissions. > > > > > > . . . > > > ---[ end trace 7b5aaf788fef6174 ]--- > > > > > > Signed-off-by: Mark Salyzyn > > > Signed-off-by: Paul Moore > > No, in the previous thread I gave my ack, not my sign-off; please be > > more careful in the future. It may seem silly, especially in this > > particular case, but it is an important distinction when things like > > the DCO are concerned. > > > > Anyway, here is my ack again. > > > > Acked-by: Paul Moore > > > Ok, both Greg KH and yours should be considered Acked-By. Been overstepping > this boundary for _years_. AFAIK Signed-off-by is still pending from Stephen > Smalley before this can roll in. An ack is all I need here, or I can just rely on Paul's :) I'll edit up Paul's when I apply this. thanks, greg k-h