From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752170AbbCaFKR (ORCPT ); Tue, 31 Mar 2015 01:10:17 -0400 Received: from mailout3.samsung.com ([203.254.224.33]:59732 "EHLO mailout3.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751309AbbCaFKM (ORCPT ); Tue, 31 Mar 2015 01:10:12 -0400 X-AuditID: cbfee690-f79ab6d0000046f7-26-551a2c2ba366 Date: Tue, 31 Mar 2015 05:09:43 +0000 (GMT) From: Maninder Singh Subject: Re: Re: [Fix kernel crash in cipso_v4_sock_delattr ] To: Casey Schaufler , Paul Moore , Maninder Singh Cc: "davem@davemloft.net" , "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" , Vaneet Narang , AJEET YADAV Reply-to: maninder1.s@samsung.com MIME-version: 1.0 X-MTR: 20150331050226595@maninder1.s Msgkey: 20150331050226595@maninder1.s X-EPLocale: en_US.windows-1252 X-Priority: 3 X-EPWebmail-Msg-Type: personal X-EPWebmail-Reply-Demand: 0 X-EPApproval-Locale: X-EPHeader: ML X-MLAttribute: X-RootMTR: 20150331050226595@maninder1.s X-ParentMTR: X-ArchiveUser: X-CPGSPASS: N X-ConfirmMail: N,general Content-type: text/plain; charset=windows-1252 MIME-version: 1.0 Message-id: <1834203638.139231427778581653.JavaMail.weblogic@epmlwas08d> X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrBIsWRmVeSWpSXmKPExsWyRsSkTldbRyrU4OMrOYvLu+awOTB6fN4k F8AYxWWTkpqTWZZapG+XwJXx9+V65oIdIhVr5l1iamD8INzFyMkhJKAmsWjvYzYQW0LARGLr x1nsELaYxIV764HiXEA1Sxkl/r47CFe0beZiJojEHEaJJYe3MoEkWARUJVa9O8AIYrMJ6Euc 3buOGcQWFrCVOHd8FtgkEYEmRonHm4+AOcwC3xgltu/azg5xh6LE+htPwLp5BQQlTs58wgKx TkXi5P23zBBxVYkTi1ezQsTlJJZMvcwEYfNKzGh/ygITn/Z1DTOELS1xftYGRph/Fn9/DBXn lzh2ewdUr4DE1DMHoWo0Jc69gPmfT2LNwrcsMPW7Ti1nhtl1f8tcqF4Jia0tT8DuYQa6f0r3 Q3YI20DiyKI5rOh+4RXwkDh6thEcdBICvRwSHec/s0xgVJqFpG4WklmzkMxCVrOAkWUVo2hq QXJBcVJ6kYlecWJucWleul5yfu4mRmCCOP3v2YQdjPcOWB9iFOBgVOLhrbgjGSrEmlhWXJl7 iNEUGFMTmaVEk/OBaSivJN7Q2MzIwtTE1NjI3NJMSZz3tdTPYCGB9MSS1OzU1ILUovii0pzU 4kOMTBycUg2MPGG/onf8t3l+7FzpFQGbKeLd7Y2aUtWfH39RlXgXx7FaZp94SSuvqM3PF7Nz 7oqznD85wSx78rdVvYl6RxhP8Uw+dOOxt/QX1y4H24usH6K3OkWv2hLn/CEmvij4SN9iV/3K fnv594YzJDJN359yK9p24VfsgzdnWJOimLcwsv0Sejgh6bCrEktxRqKhFnNRcSIAswHzlgsD AAA= X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrJKsWRmVeSWpSXmKPExsVy+t/tfl1xHalQgwM7jS0u75rD5sDo8XmT XABjVJpNRmpiSmqRQmpecn5KZl66rZJ3cLxzvKmZgaGuoaWFuZJCXmJuqq2Si0+ArltmDtBQ JYWyxJxSoFBAYnGxkr6dTVF+aUmqQkZ+cYmtUrShuZGekYGeqZGeoWmslaGBgZEpUE1CWsbf l+uZC3aIVKyZd4mpgfGDcBcjJ4eQgJrEor2P2UBsCQETiW0zFzNB2GISF+6tB4pzAdXMYZRY cngrWIJFQFVi1bsDjCA2m4C+xNm965hBbGEBW4lzx2eBNYgINDFKPN58BMxhFvjGKLF913Z2 iHWKEutvPAHr5hUQlDg58wkLxDoViZP33zJDxFUlTixezQoRl5NYMvUy1Em8EjPan7LAxKd9 XcMMYUtLnJ+1gRHm7MXfH0PF+SWO3d4B1SsgMfXMQagaTYlzL2axQ9h8EmsWvmWBqd91ajkz zK77W+ZC9UpIbG15AnYPM9D9U7ofskPYBhJHFs1hRfcLr4CHxNGzjUwTGGVnIUnNQtI+C0k7 spoFjCyrGEVTC5ILipPSK4z0ihNzi0vz0vWS83M3MYKT0bNFOxj/nbc+xCjAwajEw1txRzJU iDWxrLgy9xCjBAezkgjvno9AId6UxMqq1KL8+KLSnNTiQ4ymwHibyCwlmpwPTJR5JfGGxibm psamFgaG5uZmSuK8/8/lhggJpCeWpGanphakFsH0MXFwSjUw3uMP9N7WMrkjQCHtQsS5180f z+1m/9A3Qe7EvI1fnVXzzqR5n/E1OpsQPOXw1Pn8v19P53e9ID9hzoKOBiap//OvHOfa8Zsr NLnFYqfufMtHXa0mr+tXZfk+e+fsuVrl6je1eyfXPC2+u7H1ndaDyJVe+6tffLgx2eOSjlya 7G7bG0l3Ytyby5VYijMSDbWYi4oTAUzMI7pcAwAA DLP-Filter: Pass X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by nfs id t2V5AKvr023774 We are currently using 3.10.58 kernel and we are facing this issue for samck enabled system. and as we can check in other APIs like netlbl_sock_getattr and netlbl_conn_setattr have this preventive check so we added this check for netlbl_sock_delattr also. And regarding patch re-submission, actually we have run checkpatch.pl before submission(successfull) But when we submit the patch our editor changes tabs into space, we will resubmitt the patch ASAP. Maninder Singh ------- Original Message ------- Sender : Casey Schaufler Date : Mar 31, 2015 02:25 (GMT+09:00) Title : Re: [Fix kernel crash in cipso_v4_sock_delattr ] On 3/30/2015 4:32 AM, Paul Moore wrote: > On Monday, March 30, 2015 11:09:00 AM Maninder Singh wrote: >> Dear All, >> we found One Kernel Crash issue in cipso_v4_sock_delattr :- >> As Cipso supports only inet sockets so cipso_v4_sock_delattr will crash when >> try to access any other socket type. cipso_v4_sock_delattr access >> sk_inet->inet_opt which may contain not NULL but invalid address. we found >> this issue with netlink socket.(reproducible by trinity using sendto system >> call .) > Hello, > > First, please go read the Documentation/SubmittingPatches from the kernel > sources; your patch needs to be resubmitted and the instructions in that file > will show you how to do it correctly next time. > > Second, this appears to only affect Smack based systems, yes? SELinux based > systems should have the proper checking in place to prevent this (the checks > are handled in the LSM). This looks like a problem that was fixed some time ago. The current Smack code clearly checks for this. What kernel version are you testing against? > That said, it probably wouldn't hurt to add the > extra checking to netlbl_sock_delattr(). If you properly resubmit your patch > I'll ACK it. > > -Paul >{.n++%ݶw{.n+{G{ayʇڙ,jfhz_(階ݢj"mG?&~iOzv^m ?I