From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:38242 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752596AbbGaBZB (ORCPT ); Thu, 30 Jul 2015 21:25:01 -0400 Subject: Patch "security_syslog() should be called once only" has been added to the 3.14-stable tree To: vvs@virtuozzo.com, akpm@linux-foundation.org, eparis@redhat.com, gregkh@linuxfoundation.org, jwboyer@redhat.com, keescook@chromium.org, torvalds@linux-foundation.org Cc: , From: Date: Thu, 30 Jul 2015 18:25:00 -0700 Message-ID: <14383059003191@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled security_syslog() should be called once only to the 3.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: security_syslog-should-be-called-once-only.patch and it can be found in the queue-3.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From d194e5d666225b04c7754471df0948f645b6ab3a Mon Sep 17 00:00:00 2001 From: Vasily Averin Date: Thu, 25 Jun 2015 15:01:44 -0700 Subject: security_syslog() should be called once only From: Vasily Averin commit d194e5d666225b04c7754471df0948f645b6ab3a upstream. The final version of commit 637241a900cb ("kmsg: honor dmesg_restrict sysctl on /dev/kmsg") lost few hooks, as result security_syslog() are processed incorrectly: - open of /dev/kmsg checks syslog access permissions by using check_syslog_permissions() where security_syslog() is not called if dmesg_restrict is set. - syslog syscall and /proc/kmsg calls do_syslog() where security_syslog can be executed twice (inside check_syslog_permissions() and then directly in do_syslog()) With this patch security_syslog() is called once only in all syslog-related operations regardless of dmesg_restrict value. Fixes: 637241a900cb ("kmsg: honor dmesg_restrict sysctl on /dev/kmsg") Signed-off-by: Vasily Averin Cc: Kees Cook Cc: Josh Boyer Cc: Eric Paris Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- kernel/printk/printk.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -383,11 +383,11 @@ static int check_syslog_permissions(int * already done the capabilities checks at open time. */ if (from_file && type != SYSLOG_ACTION_OPEN) - return 0; + goto ok; if (syslog_action_restricted(type)) { if (capable(CAP_SYSLOG)) - return 0; + goto ok; /* * For historical reasons, accept CAP_SYS_ADMIN too, with * a warning. @@ -397,10 +397,11 @@ static int check_syslog_permissions(int "CAP_SYS_ADMIN but no CAP_SYSLOG " "(deprecated).\n", current->comm, task_pid_nr(current)); - return 0; + goto ok; } return -EPERM; } +ok: return security_syslog(type); } @@ -1126,10 +1127,6 @@ int do_syslog(int type, char __user *buf if (error) goto out; - error = security_syslog(type); - if (error) - return error; - switch (type) { case SYSLOG_ACTION_CLOSE: /* Close log */ break; Patches currently in stable-queue which might be from vvs@virtuozzo.com are queue-3.14/security_syslog-should-be-called-once-only.patch