[PATCH 01/42] sysfs: Don't leak secdata when a sysfs

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 01/42] sysfs: Don't leak secdata when a sysfs_dirent is freed.
@ 2009-11-03 11:02 Eric W. Biederman
  2009-11-04 10:36 ` [PATCH] " Eric W. Biederman
  0 siblings, 1 reply; 5+ messages in thread
From: Eric W. Biederman @ 2009-11-03 11:02 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: linux-fsdevel, linux-kernel, sds, jmorris, casey,
	linux-security-module


While refreshing my sysfs patches I noticed a leak in the secdata
implementation.  We don't free the secdata when we free the
sysfs dirent. 

This is a bug in 2.6.32-rc5 that we really should close.

Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
---
 fs/sysfs/dir.c |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
index 5fad489..e020183 100644
--- a/fs/sysfs/dir.c
+++ b/fs/sysfs/dir.c
@@ -21,6 +21,7 @@
 #include <linux/completion.h>
 #include <linux/mutex.h>
 #include <linux/slab.h>
+#include <linux/security.h>
 #include "sysfs.h"
 
 DEFINE_MUTEX(sysfs_mutex);
@@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
 		sysfs_put(sd->s_symlink.target_sd);
 	if (sysfs_type(sd) & SYSFS_COPY_NAME)
 		kfree(sd->s_name);
+	if (sd->s_iattr && sd->s_iattr->ia_secdata)
+		security_release_secctx(sd->s_iattr->ia_secdata,
+					sd->s_iattr->ia_secdata_len);
 	kfree(sd->s_iattr);
 	sysfs_free_ino(sd->s_ino);
 	kmem_cache_free(sysfs_dir_cachep, sd);
-- 
1.6.5.2.143.g8cc62


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] sysfs: Don't leak secdata when a sysfs_dirent is freed.
  2009-11-03 11:02 [PATCH 01/42] sysfs: Don't leak secdata when a sysfs_dirent is freed Eric W. Biederman
@ 2009-11-04 10:36 ` Eric W. Biederman
  0 siblings, 0 replies; 5+ messages in thread
From: Eric W. Biederman @ 2009-11-04 10:36 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: linux-fsdevel, linux-kernel, sds, jmorris, casey,
	linux-security-module


Grr.  Please all ignore the 01/42 in the subject.  Clearly I was
a bit too tired when I sent this but the fix is good and fixes a bug
2.6.32-rc5 that should be there in the first place.


ebiederm@xmission.com (Eric W. Biederman) writes:

> While refreshing my sysfs patches I noticed a leak in the secdata
> implementation.  We don't free the secdata when we free the
> sysfs dirent. 
>
> This is a bug in 2.6.32-rc5 that we really should close.
>
> Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>

> ---
>  fs/sysfs/dir.c |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
> index 5fad489..e020183 100644
> --- a/fs/sysfs/dir.c
> +++ b/fs/sysfs/dir.c
> @@ -21,6 +21,7 @@
>  #include <linux/completion.h>
>  #include <linux/mutex.h>
>  #include <linux/slab.h>
> +#include <linux/security.h>
>  #include "sysfs.h"
>  
>  DEFINE_MUTEX(sysfs_mutex);
> @@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
>  		sysfs_put(sd->s_symlink.target_sd);
>  	if (sysfs_type(sd) & SYSFS_COPY_NAME)
>  		kfree(sd->s_name);
> +	if (sd->s_iattr && sd->s_iattr->ia_secdata)
> +		security_release_secctx(sd->s_iattr->ia_secdata,
> +					sd->s_iattr->ia_secdata_len);
>  	kfree(sd->s_iattr);
>  	sysfs_free_ino(sd->s_ino);
>  	kmem_cache_free(sysfs_dir_cachep, sd);
> -- 
> 1.6.5.2.143.g8cc62
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH] sysfs: Don't leak secdata when a sysfs_dirent is freed.
@ 2009-11-04 10:50 Eric W. Biederman
  2009-11-04 14:09 ` Serge E. Hallyn
  0 siblings, 1 reply; 5+ messages in thread
From: Eric W. Biederman @ 2009-11-04 10:50 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: linux-fsdevel, linux-kernel, sds, jmorris, casey,
	linux-security-module


While refreshing my sysfs patches I noticed a leak in the secdata
implementation.  We don't free the secdata when we free the
sysfs dirent. 

This is a bug in 2.6.32-rc5 that we really should close.

Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
---

 fs/sysfs/dir.c |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
index 5fad489..e020183 100644
--- a/fs/sysfs/dir.c
+++ b/fs/sysfs/dir.c
@@ -21,6 +21,7 @@
 #include <linux/completion.h>
 #include <linux/mutex.h>
 #include <linux/slab.h>
+#include <linux/security.h>
 #include "sysfs.h"
 
 DEFINE_MUTEX(sysfs_mutex);
@@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
 		sysfs_put(sd->s_symlink.target_sd);
 	if (sysfs_type(sd) & SYSFS_COPY_NAME)
 		kfree(sd->s_name);
+	if (sd->s_iattr && sd->s_iattr->ia_secdata)
+		security_release_secctx(sd->s_iattr->ia_secdata,
+					sd->s_iattr->ia_secdata_len);
 	kfree(sd->s_iattr);
 	sysfs_free_ino(sd->s_ino);
 	kmem_cache_free(sysfs_dir_cachep, sd);
-- 
1.6.5.2.143.g8cc62


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] sysfs: Don't leak secdata when a sysfs_dirent is freed.
  2009-11-04 10:50 Eric W. Biederman
@ 2009-11-04 14:09 ` Serge E. Hallyn
  2009-11-04 14:26   ` Eric W. Biederman
  0 siblings, 1 reply; 5+ messages in thread
From: Serge E. Hallyn @ 2009-11-04 14:09 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: Greg Kroah-Hartman, linux-fsdevel, linux-kernel, sds, jmorris,
	casey, linux-security-module

Quoting Eric W. Biederman (ebiederm@xmission.com):
> 
> While refreshing my sysfs patches I noticed a leak in the secdata
> implementation.  We don't free the secdata when we free the
> sysfs dirent. 
> 
> This is a bug in 2.6.32-rc5 that we really should close.
> 
> Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>

I'm surprised no kmemleak or anything has found this - but I guess
not many sites hand-set custom selinux contexts on sysfs?

Acked-by: Serge Hallyn <serue@us.ibm.com>

> ---
> 
>  fs/sysfs/dir.c |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
> 
> diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
> index 5fad489..e020183 100644
> --- a/fs/sysfs/dir.c
> +++ b/fs/sysfs/dir.c
> @@ -21,6 +21,7 @@
>  #include <linux/completion.h>
>  #include <linux/mutex.h>
>  #include <linux/slab.h>
> +#include <linux/security.h>
>  #include "sysfs.h"
> 
>  DEFINE_MUTEX(sysfs_mutex);
> @@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
>  		sysfs_put(sd->s_symlink.target_sd);
>  	if (sysfs_type(sd) & SYSFS_COPY_NAME)
>  		kfree(sd->s_name);
> +	if (sd->s_iattr && sd->s_iattr->ia_secdata)
> +		security_release_secctx(sd->s_iattr->ia_secdata,
> +					sd->s_iattr->ia_secdata_len);
>  	kfree(sd->s_iattr);
>  	sysfs_free_ino(sd->s_ino);
>  	kmem_cache_free(sysfs_dir_cachep, sd);
> -- 
> 1.6.5.2.143.g8cc62
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] sysfs: Don't leak secdata when a sysfs_dirent is freed.
  2009-11-04 14:09 ` Serge E. Hallyn
@ 2009-11-04 14:26   ` Eric W. Biederman
  0 siblings, 0 replies; 5+ messages in thread
From: Eric W. Biederman @ 2009-11-04 14:26 UTC (permalink / raw)
  To: Serge E. Hallyn
  Cc: Greg Kroah-Hartman, linux-fsdevel, linux-kernel, sds, jmorris,
	casey, linux-security-module

"Serge E. Hallyn" <serue@us.ibm.com> writes:

> Quoting Eric W. Biederman (ebiederm@xmission.com):
>> 
>> While refreshing my sysfs patches I noticed a leak in the secdata
>> implementation.  We don't free the secdata when we free the
>> sysfs dirent. 
>> 
>> This is a bug in 2.6.32-rc5 that we really should close.
>> 
>> Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
>
> I'm surprised no kmemleak or anything has found this - but I guess
> not many sites hand-set custom selinux contexts on sysfs?

I don't expect so since you couldn't customize it in 2.6.31.
This is brand new code, and this corner case was just overlooked
in the review.

Eric


> Acked-by: Serge Hallyn <serue@us.ibm.com>
>
>> ---
>> 
>>  fs/sysfs/dir.c |    4 ++++
>>  1 files changed, 4 insertions(+), 0 deletions(-)
>> 
>> diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
>> index 5fad489..e020183 100644
>> --- a/fs/sysfs/dir.c
>> +++ b/fs/sysfs/dir.c
>> @@ -21,6 +21,7 @@
>>  #include <linux/completion.h>
>>  #include <linux/mutex.h>
>>  #include <linux/slab.h>
>> +#include <linux/security.h>
>>  #include "sysfs.h"
>> 
>>  DEFINE_MUTEX(sysfs_mutex);
>> @@ -285,6 +286,9 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
>>  		sysfs_put(sd->s_symlink.target_sd);
>>  	if (sysfs_type(sd) & SYSFS_COPY_NAME)
>>  		kfree(sd->s_name);
>> +	if (sd->s_iattr && sd->s_iattr->ia_secdata)
>> +		security_release_secctx(sd->s_iattr->ia_secdata,
>> +					sd->s_iattr->ia_secdata_len);
>>  	kfree(sd->s_iattr);
>>  	sysfs_free_ino(sd->s_ino);
>>  	kmem_cache_free(sysfs_dir_cachep, sd);
>> -- 
>> 1.6.5.2.143.g8cc62
>> 
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2009-11-04 14:26 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-11-03 11:02 [PATCH 01/42] sysfs: Don't leak secdata when a sysfs_dirent is freed Eric W. Biederman
2009-11-04 10:36 ` [PATCH] " Eric W. Biederman
  -- strict thread matches above, loose matches on Subject: below --
2009-11-04 10:50 Eric W. Biederman
2009-11-04 14:09 ` Serge E. Hallyn
2009-11-04 14:26   ` Eric W. Biederman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).