Open Source and information security mailing list archives
Date: Sat, 31 May 2008 04:12:42 +0300
From: "Ahmed S. Darwish" <darwish.07@...il.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: casey@...aufler-ca.com, paul.moore@...com, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Subject: Re: [PATCH BUGFIX -v2 -rc4] Smack: Respect 'unlabeled' netlabel mode

On Fri, May 30, 2008 at 04:25:00PM -0700, Andrew Morton wrote:
> On Sat, 31 May 2008 02:57:51 +0300
> "Ahmed S. Darwish" <darwish.07@...il.com> wrote:
>
> > + mutex_lock(&smack_ambient_lock);
> > + nlsp->domain = kstrdup(smack_net_ambient, GFP_ATOMIC);
> > + mutex_unlock(&smack_ambient_lock);
>
> no no no no no. And no.
>
> GFP_ATOMIC is *unreliable*. Using it in a "security" feature is a bug
> - if it fails, the feature isn't secure any more.
>
> Failing to check the kmalloc() return value might be a bug.
>
> If we _need_ GFP_ATOMIC here then taking a mutex in a cannot-sleep
> context is a bug.
>
> The patch adds a kmalloc but doesn't add a kfree. Is it leaky?
>
> Finally, why is there a need to take a lock around a single store
> instruction?

Possibly the worst three lines written ever. GFP_ATOMIC line was
cut-and-paste forgetting to change it to GFP_KERNEL and the lock is
already useless.

--

"Better to light a candle, than curse the darkness"

Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
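
Review bot: the kstrdup() result assigned to nlsp->domain in the second quoted line is stored without a NULL check, so an allocation failure leaves nlsp->domain NULL with no error reported at this point; check the return value and fail the operation (for example with -ENOMEM) before continuing. GFP_ATOMIC is also inconsistent with the mutex_lock()/mutex_unlock() pair around it, since a mutex can only be taken where sleeping is allowed, so GFP_KERNEL is the matching flag. The three lines do not show where the duplicated string is freed; the patch should make that ownership explicit.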