From: Casey Schaufler <casey@schaufler-ca.com>
To: "José Bollo" <jose.bollo@open.eurogiciel.org>,
"James Morris" <james.l.morris@oracle.com>,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: jobol@nonadev.net
Subject: Re: [PATCH 1/1] SMACK: Fix handling value==NULL in post setxattr
Date: Fri, 11 Apr 2014 14:46:37 -0700 [thread overview]
Message-ID: <534862BD.8010101@schaufler-ca.com> (raw)
In-Reply-To: <1396525721-17307-1-git-send-email-jose.bollo@open.eurogiciel.org>
On 4/3/2014 4:48 AM, José Bollo wrote:
> The function `smack_inode_post_setxattr` is called each
> time that a setxattr is done, for any value of name.
> The kernel allow to put value==NULL when size==0
> to set an empty attribute value. The systematic
> call to smk_import_entry was causing the dereference
> of a NULL pointer hence a KERNEL PANIC!
>
> The problem can be produced easily by issuing the
> command `setfattr -n user.data file` under bash prompt
> when SMACK is active.
>
> Moving the call to smk_import_entry as proposed by this
> patch is correcting the behaviour because the function
> smack_inode_post_setxattr is called for the SMACK's
> attributes only if the function smack_inode_setxattr validated
> the value and its size (what will not be the case when size==0).
>
> It also has a benefical effect to not fill the smack hash
> with garbage values coming from any extended attribute
> write.
>
> Change-Id: Iaf0039c2be9bccb6cee11c24a3b44d209101fe47
> Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Applied to git://git.gitorious.org/smack-next/kernel.git smack-for-3.16
> ---
> security/smack/smack_lsm.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 3f01cf5..28d482c 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -893,18 +893,20 @@ static void smack_inode_post_setxattr(struct dentry *dentry, const char *name,
> return;
> }
>
> - skp = smk_import_entry(value, size);
> if (strcmp(name, XATTR_NAME_SMACK) == 0) {
> + skp = smk_import_entry(value, size);
> if (skp != NULL)
> isp->smk_inode = skp->smk_known;
> else
> isp->smk_inode = smack_known_invalid.smk_known;
> } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) {
> + skp = smk_import_entry(value, size);
> if (skp != NULL)
> isp->smk_task = skp;
> else
> isp->smk_task = &smack_known_invalid;
> } else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) {
> + skp = smk_import_entry(value, size);
> if (skp != NULL)
> isp->smk_mmap = skp;
> else
prev parent reply other threads:[~2014-04-11 21:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-03 11:48 [PATCH 1/1] SMACK: Fix handling value==NULL in post setxattr José Bollo
2014-04-11 21:46 ` Casey Schaufler [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=534862BD.8010101@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=james.l.morris@oracle.com \
--cc=jobol@nonadev.net \
--cc=jose.bollo@open.eurogiciel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.