lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 6 Jun 2007 14:01:47 -0400 (EDT)
From:	James Morris <jmorris@...ei.org>
To:	Stephen Smalley <sds@...ho.nsa.gov>
cc:	Eric Paris <eparis@...hat.com>, Alan Cox <alan@...hat.com>,
	linux-kernel@...r.kernel.org, selinux@...ho.nsa.gov,
	drepper@...hat.com, roland@...hat.com, arjan@...radead.org,
	mingo@...e.hu, viro@...iv.linux.org.uk, chrisw@...hat.com,
	sgrubb@...hat.com
Subject: Re: [PATCH] Protection for exploiting null dereference using mmap

On Wed, 6 Jun 2007, Stephen Smalley wrote:

> With the fix already noted by James,
> 
> Acked-by:  Stephen Smalley <sds@...ho.nsa.gov>

Final patch applied to:

git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6.git#for-akpm


Also queued there is the following patch which enables the check in 
SELinux:


Subject: [PATCH] SELinux: enable minimum address checking for mmap

Enable enable minimum address checking for mmap if not already enabled, and
disable it on exit if we enabled it. Processes will then require the
new mmap_zero permission to override the check.  Set the default value to
64KB as suggested.  If already set, the existing value will be used.

Acked-by: Stephen Smalley <sds@...ho.nsa.gov>
Acked-by: Eric Paris <eparis@...hat.com>
Signed-off-by: James Morris <jmorris@...ei.org>
---
 security/selinux/hooks.c |   17 +++++++++++++++++
 1 files changed, 17 insertions(+), 0 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 2b44832..9a8db0b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -112,6 +112,9 @@ int selinux_enabled = 1;
 /* Original (dummy) security module. */
 static struct security_operations *original_ops = NULL;
 
+/* Did we enable minimum mmap address checking? */
+static int enabled_mmap_min_addr;
+
 /* Minimal support for a secondary security module,
    just to allow the use of the dummy or capability modules.
    The owlsm module can alternatively be used as a secondary
@@ -4912,6 +4915,16 @@ static __init int selinux_init(void)
 	sel_inode_cache = kmem_cache_create("selinux_inode_security",
 					    sizeof(struct inode_security_struct),
 					    0, SLAB_PANIC, NULL, NULL);
+
+	/*
+	 * Tasks cannot mmap below this without the mmap_zero permission.
+	 * If not enabled already, do so by setting it to 64KB.
+	 */
+	if (mmap_min_addr == 0) {
+		enabled_mmap_min_addr = 1;
+		mmap_min_addr = 65536;
+	}
+
 	avc_init();
 
 	original_ops = secondary_ops = security_ops;
@@ -5061,6 +5074,10 @@ int selinux_disable(void)
 
 	selinux_disabled = 1;
 	selinux_enabled = 0;
+	
+	/* Disable minimum mmap address check only if we enabled it */
+	if (enabled_mmap_min_addr)
+		mmap_min_addr = 0;
 
 	/* Reset security_ops to the secondary module, dummy or capability. */
 	security_ops = secondary_ops;
-- 
1.5.0.6

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ