lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120103123841.GA31457@quack.suse.cz>
Date:	Tue, 3 Jan 2012 13:38:41 +0100
From:	Jan Kara <jack@...e.cz>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	'Jan Kara' <jack@...e.cz>, linux-kernel@...r.kernel.org,
	reiserfs-devel@...r.kernel.org, haiyangz@...rosoft.com,
	hjanssen@...rosoft.com, 'Mimi Zohar' <zohar@...ux.vnet.ibm.com>,
	"'Rafael J. Wysocki'" <rjw@...k.pl>,
	James Morris <jmorris@...ei.org>,
	Jorge Bastos <mysql.jorge@...imal.pt>
Subject: Re: Reiserfs.c bug in 3.2-rc5

  Hell,

On Tue 03-01-12 09:31:22, Jorge Bastos wrote:
> >   Yes, thanks! So we see that reiserfs_security_init() returned bogus
> >   number 790797. This is caused by security_old_inode_init_security()
> >   either returning some bogus number or setting sec->length to
> >   something bogus.  In any case it's some security module problem so
> >   I'm adding Mimi Zohar who did the changes in this code recently to
> >   CC. I'm also adding Rafael since this is a regression.
> > 
> >   Also I think he might use your kernel config so can you please send
> > it?
> > Thanks.
> 
> Sure,
> Please grab it here:
> 
> http://neotrix.decimal.pt/bugs/config-3.2-rc7.txt 
> 
> Let me know when the fix gets commited git master.
  Thanks! So I've managed to reproduce the problem and I now understand
what is the problem. Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
security_old_inode_init_security() return 0 when CONFIG_SECURITY is not
set. But that makes caller such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len arguments
properly (which is IMO correct assumption). But they were left
uninitialized which makes things break in an interesting ways... The fix is
below.

Mimi, James, Linus, this patch fixes a regression from 3.1 and should make
it to 3.2 if possible.

								Honza
----

>From 5bcd17065fa27d5f27756e24a98331f796ff2481 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@...e.cz>
Date: Tue, 3 Jan 2012 13:14:29 +0100
Subject: [PATCH] security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set

Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
security_old_inode_init_security() return 0 when CONFIG_SECURITY is not set.
But that makes callers such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len arguments
properly. But security_old_inode_init_security() left them uninitialized
which then results in interesting failures.

Revert security_old_inode_init_security() to the old behavior of returning
EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this just fine.

Reported-by: Jorge Bastos <mysql.jorge@...imal.pt>
CC: James Morris <jmorris@...ei.org>
CC: Mimi Zohar <zohar@...ibm.com>
Signed-off-by: Jan Kara <jack@...e.cz>
---
 include/linux/security.h |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 19d8e04..e8c619d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode,
 						   char **name, void **value,
 						   size_t *len)
 {
-	return 0;
+	return -EOPNOTSUPP;
 }
 
 static inline int security_inode_create(struct inode *dir,
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ