| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180916003059.1046-19-keescook@chromium.org>
Date: Sat, 15 Sep 2018 17:30:59 -0700
From: Kees Cook <keescook@...omium.org>
To: James Morris <jmorris@...ei.org>
Cc: Kees Cook <keescook@...omium.org>,
Casey Schaufler <casey@...aufler-ca.com>,
John Johansen <john.johansen@...onical.com>,
Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
Paul Moore <paul@...l-moore.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
"Schaufler, Casey" <casey.schaufler@...el.com>,
LSM <linux-security-module@...r.kernel.org>,
LKLM <linux-kernel@...r.kernel.org>
Subject: [PATCH 18/18] LSM: Don't ignore initialization failures
LSM initialization failures have traditionally been ignored. We should
at least WARN when something goes wrong.
Signed-off-by: Kees Cook <keescook@...omium.org>
---
security/security.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/security/security.c b/security/security.c
index 3b84b7eeb08c..a7796e522f72 100644
--- a/security/security.c
+++ b/security/security.c
@@ -203,11 +203,15 @@ static void __init maybe_enable_lsm(struct lsm_info *lsm)
/* If selected, initialize the LSM. */
if (enabled) {
+ int ret;
+
if (lsm->type == LSM_TYPE_EXCLUSIVE) {
exclusive = lsm;
init_debug("exclusive: %s\n", exclusive->name);
}
- lsm->init();
+
+ ret = lsm->init();
+ WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret);
}
}
--
2.17.1
Powered by blists - more mailing lists