From: Mimi Zohar <zohar@linux.ibm.com>
To: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>,
linux-integrity@vger.kernel.org
Cc: sashal@kernel.org, linux-kernel@vger.kernel.org,
keyrings@vger.kernel.org
Subject: Re: [PATCH] IMA: pre-allocate keyrings string
Date: Thu, 16 Jan 2020 07:56:50 -0500 [thread overview]
Message-ID: <1579179410.5857.21.camel@linux.ibm.com> (raw)
In-Reply-To: <20200116031508.3481-1-nramas@linux.microsoft.com>
Hi Laskhmi,
On Wed, 2020-01-15 at 19:15 -0800, Lakshmi Ramasubramanian wrote:
> ima_match_keyring() is called while holding rcu read lock.
> Since this function executes in atmomic context, it should
> not call any function that can sleep (such as kstrdup()).
Good catch!
> This patch pre-allocates a buffer to hold the keyrings
> string read from the IMA policy and uses that to check
> the given keyring in ima_match_keyring().
(Reminder: this patch description line length is a bit short.
According to Documentation/process/submitting-patches.rst, the patch
description line length should be line wrapped at 75 columns.)
>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
> Fixes: e9085e0ad38a ("IMA: Add support to limit measuring keys")
> ---
> @@ -1120,8 +1117,17 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
> result = -EINVAL;
> break;
> }
> +
> + ima_keyrings = kstrdup(args[0].from, GFP_KERNEL);
> + if (!ima_keyrings) {
> + result = -ENOMEM;
> + break;
> + }
This would work for a single "key" measurement rule, but not for
multiple rules, where the last "keyrings" string is shorter than the
previous ones. For example, in addition to the builtin trusted
keyrings, another rule could measure a keyring owned by a user.
measure func=KEY_CHECK template=ima-buf keyrings=.ima|.builtin_trusted_keys
measure func=KEY_CHECK uid=1000 template=ima-buf keyrings=_foo
Mimi
> entry->keyrings = kstrdup(args[0].from, GFP_KERNEL);
> if (!entry->keyrings) {
> + kfree(ima_keyrings);
> + ima_keyrings = NULL;
> result = -ENOMEM;
> break;
> }
prev parent reply other threads:[~2020-01-16 12:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-16 3:15 [PATCH] IMA: pre-allocate keyrings string Lakshmi Ramasubramanian
2020-01-16 12:56 ` Mimi Zohar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1579179410.5857.21.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=sashal@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).