| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20081029084932.77de26fd@infradead.org> Date: Wed, 29 Oct 2008 08:49:32 -0700 From: Arjan van de Ven <arjan@...radead.org> To: Eric Paris <eparis@...hat.com> Cc: linux-kernel@...r.kernel.org, morgan@...nel.org, serue@...ibm.com Subject: Re: [PATCH] Capabilities: BUG when an invalid capability is requested On Wed, 29 Oct 2008 11:42:12 -0400 Eric Paris <eparis@...hat.com> wrote: > If an invalid (large) capability is requested the capabilities system > may panic as it is dereferencing an array of fixed (short) length. > Its possible (and actually often happens) that the capability system > accidentally stumbled into a valid memory region but it also regularly > happens that it hits invalid memory and BUGs. If such an operation > does get past cap_capable then the selinux system is sure to have > problems as it already does a (simple) validity check and BUG. This > is known to happen by the broken and buggy firegl driver. > > This patch cleanly checks all capable calls and BUG if a call is for > an invalid capability. This will likely break the firegl driver for > some situations, but it is the right thing to do. Garbage into a > security system gets you killed/bugged > > Signed-off-by: Eric Paris <eparis@...hat.com> > Acked-by: Arjan van de Ven <arjan@...ux.intel.com> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists