lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Feb 2008 16:35:14 -0800 (PST) From: Casey Schaufler <casey@...aufler-ca.com> To: "Ahmed S. Darwish" <darwish.07@...il.com>, Joerg Platte <jplatte@...sa.net> Cc: linux-kernel@...r.kernel.org, casey@...aufler-ca.com Subject: Re: [PATCH - BUGFIX] Smack: Check for 'struct socket' with NULL sk --- "Ahmed S. Darwish" <darwish.07@...il.com> wrote: > On Mon, Feb 11, 2008 at 07:26:02PM +0100, Joerg Platte wrote: > > Hi, > > > > when booting linux 2.6.25-rc1 I get the following error: > > > > BUG: unable to handle kernel NULL pointer dereference at 00000138 > > IP: [<c01aa59e>] smack_netlabel+0x13/0xc8 > > *pde = 00000000 > > Oops: 0000 [#1] PREEMPT > > Modules linked in: nfsd > [...] > > Call Trace: > > [<c01aacf8>] ? new_inode_smack+0x39/0x3f > > [<c01aad52>] ? smack_inode_alloc_security+0x16/0x27 > > [<c01a7510>] ? security_inode_alloc+0x19/0x1b > > [<c01aa665>] ? smack_socket_post_create+0x12/0x18 > > [<c01a7a06>] ? security_socket_post_create+0x16/0x1b > > [<c02116ce>] ? sock_create_lite+0x44/0x64 > > [<c0211712>] ? kernel_accept+0x24/0x5f > > Hi Joerg, > > There's a small problem with smack and NFS. A similar report was also > sent here: http://lkml.org/lkml/2007/10/27/85 > > Could you please check below patch ? I think it should fix your problem. > > I've also added similar checks in inode_{get/set}security(). Cheating > from SELinux post_create_socket(), it does the same. Casey, Thoughts ? > > Signed-off-by: Ahmed S. Darwish <darwish.07@...il.com> Acked-by: Casey Schaufler <casey@...uafler-ca.com> This looks like the right sort of thing to do. I would like to see it in. If you would like Ahmed, please submit with my Acknowlegement. Thank you for the work on this. > --- > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index 1c11e42..eb04278 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -701,7 +701,7 @@ static int smack_inode_getsecurity(const struct inode > *inode, > return -EOPNOTSUPP; > > sock = SOCKET_I(ip); > - if (sock == NULL) > + if (sock == NULL || sock->sk == NULL) > return -EOPNOTSUPP; > > ssp = sock->sk->sk_security; > @@ -1280,10 +1280,12 @@ static void smack_to_secattr(char *smack, struct > netlbl_lsm_secattr *nlsp) > */ > static int smack_netlabel(struct sock *sk) > { > - struct socket_smack *ssp = sk->sk_security; > + struct socket_smack *ssp; > struct netlbl_lsm_secattr secattr; > int rc = 0; > > + BUG_ON(sk == NULL); > + ssp = sk->sk_security; > netlbl_secattr_init(&secattr); > smack_to_secattr(ssp->smk_out, &secattr); > if (secattr.flags != NETLBL_SECATTR_NONE) > @@ -1331,7 +1333,7 @@ static int smack_inode_setsecurity(struct inode *inode, > const char *name, > return -EOPNOTSUPP; > > sock = SOCKET_I(inode); > - if (sock == NULL) > + if (sock == NULL || sock->sk == NULL) > return -EOPNOTSUPP; > > ssp = sock->sk->sk_security; > @@ -1362,7 +1364,7 @@ static int smack_inode_setsecurity(struct inode *inode, > const char *name, > static int smack_socket_post_create(struct socket *sock, int family, > int type, int protocol, int kern) > { > - if (family != PF_INET) > + if (family != PF_INET || sock->sk == NULL) > return 0; > /* > * Set the outbound netlbl. > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ > > > Casey Schaufler casey@...aufler-ca.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists