[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhT_gjjpq_ksX=DG2FvSav0uFMXtX-jJTcV7WhBgNC4ECQ@mail.gmail.com>
Date: Thu, 1 Feb 2018 11:50:10 -0500
From: Paul Moore <paul@...l-moore.com>
To: Mark Salyzyn <salyzyn@...roid.com>
Cc: linux-kernel@...r.kernel.org, Greg KH <gregkh@...uxfoundation.org>,
Eric Dumazet <edumazet@...gle.com>,
Stephen Smalley <sds@...ho.nsa.gov>, selinux@...ho.nsa.gov,
linux-security-module@...r.kernel.org,
Eric Paris <eparis@...isplace.org>,
"Serge E . Hallyn" <serge@...lyn.com>,
stable <stable@...r.kernel.org>, James Morris <jmorris@...ei.org>
Subject: Re: [PATCH v2] general protection fault in sock_has_perm
On Thu, Feb 1, 2018 at 11:20 AM, Mark Salyzyn <salyzyn@...roid.com> wrote:
> On 02/01/2018 08:00 AM, Paul Moore wrote:
>>
>> On Thu, Feb 1, 2018 at 10:37 AM, Mark Salyzyn <salyzyn@...roid.com> wrote:
>>>
>>> In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket
>>> flag") and all the associated infrastructure changes to take advantage
>>> of a RCU grace period before freeing, there is a heightened
>>> possibility that a security check is performed while an ill-timed
>>> setsockopt call races in from user space. It then is prudent to null
>>> check sk_security, and if the case, reject the permissions.
>>>
>>> . . .
>>> ---[ end trace 7b5aaf788fef6174 ]---
>>>
>>> Signed-off-by: Mark Salyzyn <salyzyn@...roid.com>
>>> Signed-off-by: Paul Moore <paul@...uxfoundation.org>
>>
>> No, in the previous thread I gave my ack, not my sign-off; please be
>> more careful in the future. It may seem silly, especially in this
>> particular case, but it is an important distinction when things like
>> the DCO are concerned.
>>
>> Anyway, here is my ack again.
>>
>> Acked-by: Paul Moore <paul@...l-moore.com>
>>
> Ok, both Greg KH and yours should be considered Acked-By. Been overstepping
> this boundary for _years_.
One more note, which I didn't realize until I hit reply and the email
bounced: you used a @linuxfoundation.org email address for me which is
clearly not right. I'm sure it's just a typo, but it's another thing
that needs to be corrected.
> AFAIK Signed-off-by is still pending from Stephen
> Smalley <sds@...ho.nsa.gov> before this can roll in.
Obviously the more acks the better, but you've got mine which should
be sufficient in this case. The MAINTAINER file currently lists three
people for SELinux: Stephen, Eric, and myself. I'm responsible for
the traditional maintainer tasks: tree management, PRs to Linus, patch
review, emptying the waste bin at the end of the week, etc. Stephen
maintains the deep historical knowledge and understanding that comes
with developing the technology/project from it's inception many, many
years ago; no matter how well I may understand SELinux, Stephen will
always have me beat. Eric is basically my predecessor, having
ventured off to the brave new world of containers and Kubernetes; he
is listed out of respect for his contributions and also to safeguard
us against the all important "bus factor", while he is not as active
as he once was, he still holds a wealth of SELinux knowledge.
--
paul moore
www.paul-moore.com
Powered by blists - more mailing lists