lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 10 Dec 2010 08:43:55 +1100 (EST)
From:	James Morris <jmorris@...ei.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
cc:	Tavis Ormandy <taviso@...xchg8b.com>,
	Randy Dunlap <randy.dunlap@...cle.com>, security@...nel.org,
	kees@...ntu.com, Greg KH <gregkh@...e.de>,
	linux-kernel@...r.kernel.org, eugene@...hat.com,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	stable@...nel.org
Subject: Re: [Security] [PATCH] install_special_mapping skips security_file_mmap
 check.

On Thu, 9 Dec 2010, Andrew Morton wrote:

> This should return the security_file_mmap() errno rather than assuming
> EPERM.  Although it happens to be the case that EPERM is the only errno
> which security_file_mmap() presently returns, afacit.
> 
> Ditto insert_vm_struct(), with s/EPERM/ENOMEM/
> 
> Please review and test?

Reviewed-by: James Morris <jmorris@...ei.org>


> 
> 
> --- a/mm/mmap.c~mm-install_special_mapping-skips-security_file_mmap-check-fix
> +++ a/mm/mmap.c
> @@ -2463,6 +2463,7 @@ int install_special_mapping(struct mm_st
>  			    unsigned long vm_flags, struct page **pages)
>  {
>  	struct vm_area_struct *vma;
> +	int ret;
>  
>  	vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL);
>  	if (unlikely(vma == NULL))
> @@ -2479,21 +2480,21 @@ int install_special_mapping(struct mm_st
>  	vma->vm_ops = &special_mapping_vmops;
>  	vma->vm_private_data = pages;
>  
> -	if (security_file_mmap(NULL, 0, 0, 0, vma->vm_start, 1)) {
> -		kmem_cache_free(vm_area_cachep, vma);
> -		return -EPERM;
> -	}
> -
> -	if (unlikely(insert_vm_struct(mm, vma))) {
> -		kmem_cache_free(vm_area_cachep, vma);
> -		return -ENOMEM;
> -	}
> +	ret = security_file_mmap(NULL, 0, 0, 0, vma->vm_start, 1);
> +	if (ret < 0)
> +		goto out;
> +
> +	ret = insert_vm_struct(mm, vma);
> +	if (ret < 0)
> +		goto out;
>  
>  	mm->total_vm += len >> PAGE_SHIFT;
>  
>  	perf_event_mmap(vma);
> -
>  	return 0;
> +out:
> +	kmem_cache_free(vm_area_cachep, vma);
> +	return ret;
>  }
>  
>  static DEFINE_MUTEX(mm_all_locks_mutex);
> _
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 

-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ