From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Vasily Averin <vvs@virtuozzo.com>,
Kees Cook <keescook@chromium.org>,
Josh Boyer <jwboyer@redhat.com>, Eric Paris <eparis@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 3.14 104/125] security_syslog() should be called once only
Date: Fri, 31 Jul 2015 12:41:44 -0700 [thread overview]
Message-ID: <20150731194030.788537261@linuxfoundation.org> (raw)
In-Reply-To: <20150731194027.037807932@linuxfoundation.org>
3.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Vasily Averin <vvs@virtuozzo.com>
commit d194e5d666225b04c7754471df0948f645b6ab3a upstream.
The final version of commit 637241a900cb ("kmsg: honor dmesg_restrict
sysctl on /dev/kmsg") lost few hooks, as result security_syslog() are
processed incorrectly:
- open of /dev/kmsg checks syslog access permissions by using
check_syslog_permissions() where security_syslog() is not called if
dmesg_restrict is set.
- syslog syscall and /proc/kmsg calls do_syslog() where security_syslog
can be executed twice (inside check_syslog_permissions() and then
directly in do_syslog())
With this patch security_syslog() is called once only in all
syslog-related operations regardless of dmesg_restrict value.
Fixes: 637241a900cb ("kmsg: honor dmesg_restrict sysctl on /dev/kmsg")
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Josh Boyer <jwboyer@redhat.com>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/printk/printk.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -383,11 +383,11 @@ static int check_syslog_permissions(int
* already done the capabilities checks at open time.
*/
if (from_file && type != SYSLOG_ACTION_OPEN)
- return 0;
+ goto ok;
if (syslog_action_restricted(type)) {
if (capable(CAP_SYSLOG))
- return 0;
+ goto ok;
/*
* For historical reasons, accept CAP_SYS_ADMIN too, with
* a warning.
@@ -397,10 +397,11 @@ static int check_syslog_permissions(int
"CAP_SYS_ADMIN but no CAP_SYSLOG "
"(deprecated).\n",
current->comm, task_pid_nr(current));
- return 0;
+ goto ok;
}
return -EPERM;
}
+ok:
return security_syslog(type);
}
@@ -1126,10 +1127,6 @@ int do_syslog(int type, char __user *buf
if (error)
goto out;
- error = security_syslog(type);
- if (error)
- return error;
-
switch (type) {
case SYSLOG_ACTION_CLOSE: /* Close log */
break;
next prev parent reply other threads:[~2015-07-31 20:13 UTC|newest]
Thread overview: 123+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-31 19:40 [PATCH 3.14 000/125] 3.14.49-stable review Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 001/125] rcu: Correctly handle non-empty Tiny RCU callback list with none ready Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 002/125] ipr: Increase default adapter init stage change timeout Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 003/125] Disable write buffering on Toshiba ToPIC95 Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 004/125] ALSA: hda - Add headset support to Acer Aspire V5 Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 005/125] ALSA: hda - Fix the dock headphone output on Fujitsu Lifebook E780 Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 006/125] ACPI / init: Switch over platform to the ACPI mode later Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 007/125] ARC: add compiler barrier to LLSC based cmpxchg Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 008/125] arm64: Do not attempt to use init_mm in reset_context() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 009/125] arm64: mm: Fix freeing of the wrong memmap entries with !SPARSEMEM_VMEMMAP Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 010/125] arm64: vdso: work-around broken ELF toolchains in Makefile Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 011/125] cpuidle / menu: Return (-1) if there are no suitable states Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 012/125] regmap: Fix regmap_bulk_read in BE mode Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 013/125] regmap: Fix possible shift overflow in regmap_field_init() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 014/125] regulator: core: fix constraints output buffer Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 016/125] spi: pl022: Specify num-cs property as required in devicetree binding Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 017/125] scsi_transport_srp: Introduce srp_wait_for_queuecommand() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 018/125] scsi_transport_srp: Fix a race condition Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 019/125] genirq: devres: Fix testing return value of request_any_context_irq() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 020/125] leds / PM: fix hibernation on arm when gpio-led used with CPU led trigger Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 021/125] mtd: fix: avoid race condition when accessing mtd->usecount Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 023/125] thermal: step_wise: fix: Prevent from binary overflow when trend is dropping Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 024/125] pinctrl: mvebu: armada-370: fix spi0 pin description Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 025/125] pinctrl: mvebu: armada-xp: remove non-existing NAND pins Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 026/125] pinctrl: mvebu: armada-xp: remove non-existing VDD cpu_pd functions Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 027/125] pinctrl: mvebu: armada-xp: fix functions of MPP48 Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 029/125] mtd: nand: fix erroneous read_buf call in nand_write_page_raw_syndrome Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 030/125] Bluetooth: btusb: Fix memory leak in Intel setup routine Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 031/125] ath9k: fix DMA stop sequence for AR9003+ Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 032/125] staging: rtl8712: prevent buffer overrun in recvbuf2recvframe Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 033/125] ext4: fix race between truncate and __ext4_journalled_writepage() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 034/125] ext4: call sync_blockdev() before invalidate_bdev() in put_super() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 035/125] ext4: dont retry file block mapping on bigalloc fs with non-extent file Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 036/125] ext4: fix reservation release on invalidatepage for delalloc fs Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 037/125] ext4: be more strict when migrating to non-extent based file Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 038/125] ext4: correctly migrate a file with a hole at the beginning Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 039/125] ext4: replace open coded nofail allocation in ext4_free_blocks() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 040/125] jbd2: use GFP_NOFS in jbd2_cleanup_journal_tail() Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 041/125] jbd2: fix ocfs2 corrupt when updating journal superblock fails Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 042/125] i2c: at91: fix a race condition when using the DMA controller Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 043/125] iio: DAC: ad5624r_spi: fix bit shift of output data value Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 044/125] iio: tmp006: Check channel info on write Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 045/125] iio: adc: at91_adc: allow to use full range of startup time Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 046/125] [media] cx24117: fix a buffer overflow when checking userspace params Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 047/125] [media] af9013: Dont accept invalid bandwidth Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 048/125] [media] s5h1420: fix a buffer overflow when checking userspace params Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 049/125] [media] cx24116: " Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 050/125] ASoC: arizona: Fix noise generator gain TLV Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 051/125] ASoC: imx-wm8962: Add a missing error check Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 053/125] ASoC: wm8955: Fix setting wrong register for WM8955_K_8_0_MASK bits Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 055/125] ASoC: wm8960: the enum of "DAC Polarity" should be wm8960_enum[1] Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 056/125] libata: add ATA_HORKAGE_BROKEN_FPDMA_AA quirk for HP 250GB SATA disk VB0250EAVER Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 057/125] libata: increase the timeout when setting transfer mode Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 058/125] usb: dwc3: gadget: return error if command sent to DGCMD register fails Greg Kroah-Hartman
2015-07-31 19:40 ` [PATCH 3.14 059/125] usb: dwc3: gadget: return error if command sent to DEPCMD " Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 060/125] usb: dwc3: Reset the transfer resource index on SET_INTERFACE Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 061/125] USB: devio: fix a condition in async_completed() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 062/125] usb: musb: host: rely on port_mode to call musb_start() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 063/125] USB: cp210x: add ID for Aruba Networks controllers Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 064/125] USB: option: add 2020:4000 ID Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 065/125] USB: serial: Destroy serial_minors IDR on module exit Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 066/125] usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 067/125] dm stats: fix divide by zero if number_of_areas arg is zero Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 068/125] dm space map metadata: fix occasional leak of a metadata block on resize Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 069/125] dm btree remove: fix bug in redistribute3 Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 070/125] dm btree: silence lockdep lock inversion in dm_btree_del() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 071/125] mmc: block: Add missing mmc_blk_put() in power_ro_lock_show() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 072/125] drm/qxl: Do not cause spice-server to clean our objects Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 073/125] drm/qxl: Do not leak memory if qxl_release_list_add fails Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 074/125] drm/radeon: take the mode_config mutex when dealing with hpds (v2) Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 078/125] drm/radeon: add a dpm quirk for Sapphire Radeon R9 270X 2GB GDDR5 Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 079/125] drm: add a check for x/y in drm_mode_setcrtc Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 080/125] xfs: fix remote symlinks on V5/CRC filesystems Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 081/125] vTPM: set virtual device before passing to ibmvtpm_reset_crq Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 082/125] KEYS: ensure we free the assoc array edit if edit is valid Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 083/125] ima: fix ima_show_template_data_ascii() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 084/125] evm: labeling pseudo filesystems exception Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 085/125] libata: add ATA_HORKAGE_NOTRIM Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 086/125] libata: force disable trim for SuperSSpeed S238 Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 087/125] tracing/filter: Do not WARN on operand count going below zero Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 088/125] tracing/filter: Do not allow infix to exceed end of string Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 089/125] tracing: Have branch tracer use recursive field of task struct Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 090/125] dmaengine: mv_xor: bug fix for racing condition in descriptors cleanup Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 091/125] hwmon: (mcp3021) Fix broken output scaling Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 092/125] md: fix a build warning Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 093/125] Btrfs: use kmem_cache_free when freeing entry in inode cache Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 094/125] Btrfs: fix memory leak in the extent_same ioctl Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 095/125] fuse: initialize fc->release before calling it Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 096/125] crush: fix a bug in tree bucket decode Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 097/125] ACPICA: Tables: Fix an issue that FACS initialization is performed twice Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 098/125] iscsi-target: Convert iscsi_thread_set usage to kthread.h Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 099/125] iser-target: Fix possible deadlock in RDMA_CM connection error Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 100/125] iser-target: release stale iser connections Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 101/125] mmc: card: Fixup request missing in mmc_blk_issue_rw_rq Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 102/125] PM / sleep: Increase default DPM watchdog timeout to 60 Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 103/125] __bitmap_parselist: fix bug in empty string handling Greg Kroah-Hartman
2015-07-31 19:41 ` Greg Kroah-Hartman [this message]
2015-07-31 19:41 ` [PATCH 3.14 105/125] mac80211: prevent possible crypto tx tailroom corruption Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 106/125] clocksource: exynos_mct: Avoid blocking calls in the cpu hotplug notifier Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 107/125] ideapad: fix software rfkill setting Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 109/125] USB: usbfs: allow URBs to be reaped after disconnection Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 110/125] block: Do a full clone when splitting discard bios Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 111/125] of: return NUMA_NO_NODE from fallback of_node_to_nid() Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 113/125] NFS: Fix size of NFSACL SETACL operations Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 114/125] fixing infinite OPEN loop in 4.0 stateid recovery Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 115/125] nfs: increase size of EXCHANGE_ID name string buffer Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 116/125] SUNRPC: Fix a memory leak in the backchannel code Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 117/125] 9p: forgetting to cancel request on interrupted zero-copy RPC Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 118/125] 9p: dont leave a half-initialized inode sitting around Greg Kroah-Hartman
2015-07-31 19:41 ` [PATCH 3.14 119/125] rbd: use GFP_NOIO in rbd_obj_request_create() Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 120/125] agp/intel: Fix typo in needs_ilk_vtd_wa() Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 121/125] arm64: Dont report clear pmds and puds as huge Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 122/125] hpfs: hpfs_error: Remove static buffer, use vsprintf extension %pV instead Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 123/125] Fix firmware loader uevent buffer NULL pointer dereference Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 124/125] qla2xxx: Mark port lost when we receive an RSCN for it Greg Kroah-Hartman
2015-07-31 19:42 ` [PATCH 3.14 125/125] MIPS: KVM: Do not sign extend on unsigned MMIO load Greg Kroah-Hartman
2015-08-01 2:07 ` [PATCH 3.14 000/125] 3.14.49-stable review Guenter Roeck
2015-08-01 7:09 ` Sudip Mukherjee
2015-08-01 7:12 ` Sudip Mukherjee
2015-08-03 16:17 ` Greg Kroah-Hartman
2015-08-03 19:03 ` Shuah Khan
2015-08-03 21:11 ` Greg Kroah-Hartman
2015-08-03 18:27 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150731194030.788537261@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=eparis@redhat.com \
--cc=jwboyer@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=vvs@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).