lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 Aug 2016 16:22:23 -0400 From: Paul Moore <paul@...l-moore.com> To: Mateusz Guzik <mguzik@...hat.com>, linux-kernel@...r.kernel.org Cc: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>, Richard Guy Briggs <rgb@...hat.com>, oleg@...hat.com, luto@...capital.net, linux-audit@...hat.com, ebiederm@...ssion.com, Al Viro <viro@...iv.linux.org.uk> Subject: Re: [PATCHv2 0/2] introduce get_task_exe_file and use it to fix audit_exe_compare On Mon, Aug 29, 2016 at 6:50 PM, Paul Moore <paul@...l-moore.com> wrote: > On Tue, Aug 23, 2016 at 10:20 AM, Mateusz Guzik <mguzik@...hat.com> wrote: >> audit_exe_compare directly accesses mm->exe_file without making sure the >> object is stable. Fixing it using current primitives results in >> partially duplicating what proc_exe_link is doing. >> >> As such, introduce a trivial helper which can be used in both places and >> fix the func. >> >> Changes since v1: >> * removed an unused 'out' label which crept in >> >> Mateusz Guzik (2): >> mm: introduce get_task_exe_file >> audit: fix exe_file access in audit_exe_compare >> >> fs/proc/base.c | 7 +------ >> include/linux/mm.h | 1 + >> kernel/audit_watch.c | 8 +++++--- >> kernel/fork.c | 23 +++++++++++++++++++++++ >> 4 files changed, 30 insertions(+), 9 deletions(-) > > Thanks for doing this. > > Both patches look fine to me, does anyone in the mm area have any > objections? If not, I'll merge these into the audit tree and mark > them for stable. I just merged these patches into audit#stable-4.8 and have a kernel building now, as soon as it finishes I'll do some quick sanity tests and send them off to Linus. -- paul moore www.paul-moore.com
Powered by blists - more mailing lists