lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 17 Jul 2008 09:56:50 +1000 (EST)
From:	James Morris <jmorris@...ei.org>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
cc:	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
	safford@...son.ibm.com, serue@...ux.vnet.ibm.com,
	sailer@...son.ibm.com, zohar@...ibm.com, debora@...ux.vnet.ibm.com,
	srajiv@...ux.vnet.ibm.com
Subject: Re: [Patch 5/5]integrity: IMA as an integrity service provider

On Wed, 16 Jul 2008, Mimi Zohar wrote:


> +static ssize_t ima_show_htable_value(char __user *buf, size_t count,
> +				     loff_t *ppos, atomic_t *val)
> +{
> +	char tmpbuf[TMPBUFLEN];
> +	ssize_t len;
> +
> +	len = scnprintf(tmpbuf, TMPBUFLEN, "%i\n", atomic_read(val));
> +	return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);
> +}
> +
> +static ssize_t ima_show_htable_violations(struct file *filp,
> +					  char __user *buf,
> +					  size_t count, loff_t *ppos)
> +{
> +	return ima_show_htable_value(buf, count, ppos, &ima_htable.violations);
> +}


ima_htable.violations is an atomic_long_t and is not safe to pass 
to ima_show_htable_value.  Did you check for compilation warnings?

> +void ima_add_violation(struct inode *inode, const unsigned char *fname,
> +                      char *op, char *cause)
> +{
> +       int result;
> +
> +       /* can overflow, only indicator */
> +       atomic_inc(&ima_htable.violations);

This also generates a warning.  You probably want atomic_long_inc().


- James
-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists