From: Dmitry Kasatkin <d.kasatkin@samsung.com>
To: zohar@linux.vnet.ibm.com, linux-security-module@vger.kernel.org,
linux-ima-devel@lists.sourceforge.net
Cc: linux-kernel@vger.kernel.org, jack@suse.cz, jmorris@namei.org,
dmitry.kasatkin@gmail.com,
Dmitry Kasatkin <d.kasatkin@samsung.com>
Subject: [PATCH v3 0/3] integrity: NULL pointer dereference fixes
Date: Tue, 28 Oct 2014 13:31:21 +0200 [thread overview]
Message-ID: <cover.1414494901.git.d.kasatkin@samsung.com> (raw)
Hi,
Recently Jan Kara reported about possible NULL pointer dereference
in IMA and EVM setxattr hooks. This patchset fixes the problem.
http://sourceforge.net/p/linux-ima/mailman/message/32957578
In this version of the patchset we agreed with Mimi to split IMA
patch into two, where the first patch fixes the oops and must go to
the stable and the second patch limits setting of file hash to fix
and log modes and may go to the next kernel version via normal process.
- Dmitry
Dmitry Kasatkin (3):
ima: check xattr value length and type in the ima_inode_setxattr()
ima: limit file hash setting by user to fix and log modes
evm: check xattr value length and type in evm_inode_setxattr()
security/integrity/evm/evm_main.c | 11 ++++++++---
security/integrity/ima/ima_appraise.c | 10 ++++++++--
security/integrity/integrity.h | 1 +
3 files changed, 17 insertions(+), 5 deletions(-)
--
1.9.1
next reply other threads:[~2014-10-28 11:32 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-28 11:31 Dmitry Kasatkin [this message]
2014-10-28 11:31 ` [PATCH v3 1/3] ima: check xattr value length and type in the ima_inode_setxattr() Dmitry Kasatkin
2014-10-28 11:31 ` [PATCH v3 2/3] ima: limit file hash setting by user to fix and log modes Dmitry Kasatkin
2014-10-28 11:31 ` [PATCH v3 3/3] evm: check xattr value length and type in evm_inode_setxattr() Dmitry Kasatkin
2014-10-28 12:28 ` [PATCH v3 1/1] " Dmitry Kasatkin
2014-10-28 12:33 ` [PATCH v3 3/3] " Dmitry Kasatkin
2014-10-28 14:23 ` [PATCH v3 0/3] integrity: NULL pointer dereference fixes Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1414494901.git.d.kasatkin@samsung.com \
--to=d.kasatkin@samsung.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=jack@suse.cz \
--cc=jmorris@namei.org \
--cc=linux-ima-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.