lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4834FE1D.10909@kernel.org>
Date:	Wed, 21 May 2008 22:01:17 -0700
From:	"Andrew G. Morgan" <morgan@...nel.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
CC:	Shi Weihua <shiwh@...fujitsu.com>,
	"Serge E. Hallyn" <serue@...ibm.com>,
	linux-security-module@...r.kernel.org,
	LKML <linux-kernel@...r.kernel.org>, jmorris@...ei.org,
	ltp-list@...ts.sourceforge.net
Subject: Re: [PATCH] fix sys_prctl() returned uninitialized value

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looks like I goofed here. :*(

Andrew Morton wrote:
| Oh dear, there are so many things wrong with this...
|
| - if security_task_prctl() is returning "fail" then why on earth
|   isn't it setting the error code?

Its not failing, as Shi points out in their patch preamble, its simply
passing-through - security_task_prctl() doesn't implement the requested
PR_* code, so it expects something else (sys_prctl() proper) to set this
value.

| - cap_task_prctl() _does_ set `error' is if returns non-zero, so it
|   must be one of the other myriad backend implementations of
|   security_task_prctl() which is busted.  Which one is it?

None of them. In this case, none of the security modules implement the
requested PRCTL.

| - With the above patch applied, sys_prctl() will return zero (ie:
|   "success") even though it just failed.

Not sure what you mean here. The switch statement only sets a non-zero
value for error on a failing path. It assumes that the error value is
initially zero.

| - Can't we remove the sixth argument to security_task_prctl() and
|   just return the result code like a sane function would do?

A bunch of capability related prctl()s will cease to work.

I'd prefer the attached patch, but I don't object to Shi's. In which case:

~   Acked-by: Andrew G. Morgan <morgan@...nel.org>

Cheers

Andrew

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFINP4d+bHCR3gb8jsRAj9pAJ4g8WqzSOomhIirAdjt2nZ//mCAoACcDA+0
EKUYQcvgTgbPig1erxmglsA=
=n5ae
-----END PGP SIGNATURE-----

View attachment "Bug-fix-default-error-to-success.patch" of type "text/plain" (794 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ