| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Apr 2016 14:36:24 -0500
From: Seth Forshee <seth.forshee@...onical.com>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Serge Hallyn <serge.hallyn@...onical.com>,
Richard Weinberger <richard.weinberger@...il.com>,
Austin S Hemmelgarn <ahferroin7@...il.com>,
Miklos Szeredi <mszeredi@...hat.com>,
Pavel Tikhomirov <ptikhomirov@...tuozzo.com>,
linux-kernel@...r.kernel.org, linux-bcache@...r.kernel.org,
dm-devel@...hat.com, linux-raid@...r.kernel.org,
linux-mtd@...ts.infradead.org, linux-fsdevel@...r.kernel.org,
fuse-devel@...ts.sourceforge.net,
linux-security-module@...r.kernel.org, selinux@...ho.nsa.gov,
cgroups@...r.kernel.org, Seth Forshee <seth.forshee@...onical.com>
Subject: [PATCH v4 11/21] cred: Reject inodes with invalid ids in set_create_file_as()
Using INVALID_[UG]ID for the LSM file creation context doesn't
make sense, so return an error if the inode passed to
set_create_file_as() has an invalid id.
Signed-off-by: Seth Forshee <seth.forshee@...onical.com>
Acked-by: Serge Hallyn <serge.hallyn@...onical.com>
---
kernel/cred.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/cred.c b/kernel/cred.c
index 0c0cd8a62285..5f264fb5737d 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -689,6 +689,8 @@ EXPORT_SYMBOL(set_security_override_from_ctx);
*/
int set_create_files_as(struct cred *new, struct inode *inode)
{
+ if (!uid_valid(inode->i_uid) || !gid_valid(inode->i_gid))
+ return -EINVAL;
new->fsuid = inode->i_uid;
new->fsgid = inode->i_gid;
return security_kernel_create_files_as(new, inode);
--
2.7.4
Powered by blists - more mailing lists