| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Jun 2009 19:49:46 -0400 From: Mimi Zohar <zohar@...ibm.com> To: hooanon05@...oo.co.jp Cc: linux-kernel@...r.kernel.org, safford@...son.ibm.com Subject: Re: IMA and ETXTBSY hooanon05@...oo.co.jp wrote on 06/18/2009 01:32:58 AM: > After the failure of open(2) with ETXTBSY, IMA produces wrong messages. > Here is a simple test script. > > dir=/tmp > cp /bin/sleep $dir > ls -l $dir/sleep > stat -f $dir > $dir/sleep 3 & sleep 1 > echo | /bin/dd of=$dir/sleep conv=notrunc && false > wait > rm $dir/sleep > > > The result. > + cp /bin/sleep /tmp > + ls -l /tmp/sleep > -rwxr-xr-x 1 jro jro 23504 Jun 18 14:26 /tmp/sleep > + stat -f /tmp > File: "/tmp" > ID: 4e22c34ea8177d80 Namelen: 255 Type: ext2/ext3 > Block size: 1024 Fundamental block size: 1024 > Blocks: Total: 918322 Free: 918281 Available: 869285 > Inodes: Total: 490560 Free: 490545 > + /tmp/sleep 3 > + sleep 1 > + echo > + /bin/dd of=/tmp/sleep conv=notrunc > /bin/dd: opening `/tmp/sleep': Text file busy > + wait > + rm /tmp/sleep > $ iint_free: writecount: 1 > iint_free: opencount: 1 > > > J. R. Okajima The problem is that IMA measures the file and increments the open/read/write counters before the file is actually opened, but if the open fails it doesn't decrement the counters. I'll post a patch. Thanks for bringing this to my attention. Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists