[PATCH] fix missing security_*() check in net/compat.c

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] fix missing security_*() check in net/compat.c
@ 2004-11-30 14:54 Mitchell Blank Jr
  2004-11-30 16:17 ` James Morris
  0 siblings, 1 reply; 4+ messages in thread
From: Mitchell Blank Jr @ 2004-11-30 14:54 UTC (permalink / raw)
  To: netdev

While looking at the SCM passing code in net/core/scm.c I noticed that there's
a 32-bit compat implementation of scm_detach_fds()'s called 
scm_detach_fds_compat() living in net/compat.c.  While these two functions
are mostly the same the latter does not include the call to the
security_file_receive() hook which is almost certainly a bug.

My sparc64 test box isn't set up currently so this is not tested.  Someone
running a 64-bit kernel with CONFIG_COMPAT should verify that this at
least compiles.

Signed-off-by: Mitchell Blank Jr <mitch@sfgoth.com>

-Mitch

--- linux-2.6.10-rc2-bk9-VIRGIN/net/compat.c	2004-10-18 14:54:37.000000000 -0700
+++ linux-2.6.10-rc2-bk9/net/compat.c	2004-11-30 06:40:52.156434868 -0800
@@ -22,6 +22,7 @@
 #include <linux/filter.h>
 #include <linux/compat.h>
 #include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/security.h>

 #include <net/scm.h>
 #include <net/sock.h>
@@ -264,6 +265,9 @@

 	for (i = 0, cmfptr = (int __user *) CMSG_COMPAT_DATA(cm); i < fdmax; i++, cmfptr++) {
 		int new_fd;
+		err = security_file_receive(fp[i]);
+		if (err)
+			break;
 		err = get_unused_fd();
 		if (err < 0)
 			break;

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] fix missing security_*() check in net/compat.c
  2004-11-30 14:54 [PATCH] fix missing security_*() check in net/compat.c Mitchell Blank Jr
@ 2004-11-30 16:17 ` James Morris
  2004-11-30 17:06   ` Chris Wright
  0 siblings, 1 reply; 4+ messages in thread
From: James Morris @ 2004-11-30 16:17 UTC (permalink / raw)
  To: Mitchell Blank Jr; +Cc: netdev, Chris Wright, Stephen Smalley, David S. Miller

On Tue, 30 Nov 2004, Mitchell Blank Jr wrote:

> While looking at the SCM passing code in net/core/scm.c I noticed that there's
> a 32-bit compat implementation of scm_detach_fds()'s called 
> scm_detach_fds_compat() living in net/compat.c.  While these two functions
> are mostly the same the latter does not include the call to the
> security_file_receive() hook which is almost certainly a bug.
> 
> My sparc64 test box isn't set up currently so this is not tested.  Someone
> running a 64-bit kernel with CONFIG_COMPAT should verify that this at
> least compiles.
> 
> Signed-off-by: Mitchell Blank Jr <mitch@sfgoth.com>

Looks correct to me.

Signed-off-by: James Morris <jmorris@redhat.com>



-- 
James Morris
<jmorris@redhat.com>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] fix missing security_*() check in net/compat.c
  2004-11-30 16:17 ` James Morris
@ 2004-11-30 17:06   ` Chris Wright
  2004-11-30 21:40     ` David S. Miller
  0 siblings, 1 reply; 4+ messages in thread
From: Chris Wright @ 2004-11-30 17:06 UTC (permalink / raw)
  To: James Morris
  Cc: Mitchell Blank Jr, netdev, Chris Wright, Stephen Smalley,
	David S. Miller

* James Morris (jmorris@redhat.com) wrote:
> On Tue, 30 Nov 2004, Mitchell Blank Jr wrote:
> 
> > While looking at the SCM passing code in net/core/scm.c I noticed that there's
> > a 32-bit compat implementation of scm_detach_fds()'s called 
> > scm_detach_fds_compat() living in net/compat.c.  While these two functions
> > are mostly the same the latter does not include the call to the
> > security_file_receive() hook which is almost certainly a bug.
> > 
> > My sparc64 test box isn't set up currently so this is not tested.  Someone
> > running a 64-bit kernel with CONFIG_COMPAT should verify that this at
> > least compiles.
> > 
> > Signed-off-by: Mitchell Blank Jr <mitch@sfgoth.com>
> 
> Looks correct to me.
> 
> Signed-off-by: James Morris <jmorris@redhat.com>

Yup, looks fine.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] fix missing security_*() check in net/compat.c
  2004-11-30 17:06   ` Chris Wright
@ 2004-11-30 21:40     ` David S. Miller
  0 siblings, 0 replies; 4+ messages in thread
From: David S. Miller @ 2004-11-30 21:40 UTC (permalink / raw)
  To: Chris Wright; +Cc: jmorris, mitch, netdev, chrisw, sds

On Tue, 30 Nov 2004 09:06:34 -0800
Chris Wright <chrisw@osdl.org> wrote:

> * James Morris (jmorris@redhat.com) wrote:
> > On Tue, 30 Nov 2004, Mitchell Blank Jr wrote:
> > 
> > > While looking at the SCM passing code in net/core/scm.c I noticed that there's
> > > a 32-bit compat implementation of scm_detach_fds()'s called 
> > > scm_detach_fds_compat() living in net/compat.c.  While these two functions
> > > are mostly the same the latter does not include the call to the
> > > security_file_receive() hook which is almost certainly a bug.
> > > 
> > > My sparc64 test box isn't set up currently so this is not tested.  Someone
> > > running a 64-bit kernel with CONFIG_COMPAT should verify that this at
> > > least compiles.
> > > 
> > > Signed-off-by: Mitchell Blank Jr <mitch@sfgoth.com>
> > 
> > Looks correct to me.
> > 
> > Signed-off-by: James Morris <jmorris@redhat.com>
> 
> Yup, looks fine.

Applied, thanks everyone.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2004-11-30 21:40 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-30 14:54 [PATCH] fix missing security_*() check in net/compat.c Mitchell Blank Jr
2004-11-30 16:17 ` James Morris
2004-11-30 17:06   ` Chris Wright
2004-11-30 21:40     ` David S. Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).