public inbox for linux-security-module@vger.kernel.org
 help / color / mirror / Atom feed
From: Feng Yang <yangfeng59949@163.com>
To: stephen.smalley.work@gmail.com
Cc: jmorris@namei.org, linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org, paul@paul-moore.com,
	serge@hallyn.com, yangfeng59949@163.com
Subject: Re: [PATCH] lsm: Fix the crash issue in xfrm_decode_session
Date: Wed, 22 Apr 2026 14:39:21 +0800	[thread overview]
Message-ID: <20260422063921.168259-1-yangfeng59949@163.com> (raw)
In-Reply-To: <CAEjxPJ6jPh9_P=56VfAhGQG-Y=njosFuV_Kys9kzhkm7PxRPLg@mail.gmail.com>

On Mon, 13 Apr 2026 13:39:18 -0400, Stephen Smalley wrote:

[...]
> > This BUG_ON was first mentioned in [1], but I could not find any explanatory record of why this check is needed.
> >
> > [1] https://lore.kernel.org/all/Pine.LNX.4.64.0607122149070.573@d.namei/
> >
> > In the existing LSM_HOOK_INIT(xfrm_decode_session, selinux_xfrm_decode_session),
> > when the `ckall` parameter of the `selinux_xfrm_decode_session` function is 0,
> > it can only return 0 and will not trigger BUG_ON.
> > Therefore, remove the BUG_ON check to fix this issue.
> >
> > Reported-by: Kaiyan Mei <M202472210@hust.edu.cn>
> > Reported-by: Yinhao Hu <dddddd@hust.edu.cn>
> > Closes: https://lore.kernel.org/all/4c4d04ba.6c12b.19c039b69e6.Coremail.kaiyanm@hust.edu.cn/
> > Signed-off-by: Feng Yang <yangfeng@kylinos.cn>
> 
> Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
> 
> With the proviso that we likely ought to follow up with a clean-up
> that introduces a separate skb_classify_flow LSM hook that returns
> void so we don't awkwardly ignore errors below and defer handling to
> the individual security module.

Thank you for your review. Should the follow-up cleanup optimization for
adding a separate skb_classify_flow hook be submitted after this patch is merged?

> > ---
> >  security/security.c | 5 +----
> >  1 file changed, 1 insertion(+), 4 deletions(-)
> >
> > diff --git a/security/security.c b/security/security.c
> > index 67af9228c4e9..198f650070da 100644
> > --- a/security/security.c
> > +++ b/security/security.c
> > @@ -4991,10 +4991,7 @@ int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
> >
> >  void security_skb_classify_flow(struct sk_buff *skb, struct flowi_common *flic)
> >  {
> > -       int rc = call_int_hook(xfrm_decode_session, skb, &flic->flowic_secid,
> > -                              0);
> > -
> > -       BUG_ON(rc);
> > +       call_int_hook(xfrm_decode_session, skb, &flic->flowic_secid, 0);
> >  }
> >  EXPORT_SYMBOL(security_skb_classify_flow);
> >  #endif /* CONFIG_SECURITY_NETWORK_XFRM */
> > --
> > 2.43.0


      reply	other threads:[~2026-04-22  6:40 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-03-18  6:19 [PATCH] lsm: Fix the crash issue in xfrm_decode_session Feng Yang
2026-03-18  8:37 ` Feng Yang
2026-03-18 17:09 ` Casey Schaufler
2026-03-19  2:22   ` Feng Yang
2026-03-19 17:51     ` Casey Schaufler
2026-03-19 18:22       ` Stephen Smalley
2026-03-20  3:20         ` Feng Yang
2026-03-20  3:24         ` [PATCH RESEND] " Feng Yang
2026-03-20  3:03       ` [PATCH] " Feng Yang
2026-04-13 17:39 ` Stephen Smalley
2026-04-22  6:39   ` Feng Yang [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260422063921.168259-1-yangfeng59949@163.com \
    --to=yangfeng59949@163.com \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=serge@hallyn.com \
    --cc=stephen.smalley.work@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox