lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 28 Feb 2019 19:58:29 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     syzbot <syzbot+e1b8084e532b6ee7afab@...kaller.appspotmail.com>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
        James Morris <jmorris@...ei.org>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-security-module@...r.kernel.org,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Kentaro Takeda <takedakn@...data.co.jp>
Subject: Re: kernel panic: MAC Initialization failed.

On 2019/02/28 19:23, Dmitry Vyukov wrote:
> On Thu, Feb 28, 2019 at 11:20 AM Tetsuo Handa
> <penguin-kernel@...ove.sakura.ne.jp> wrote:
>>
>> On 2019/02/28 15:51, Dmitry Vyukov wrote:
>>> On Wed, Feb 27, 2019 at 11:37 PM Tetsuo Handa
>>>>
>>>> Thank you. The LSM stacking seems to be working as expected.
>>>> But this one should not be considered as a bug.
>>>>
>>>> If something went wrong before loading access control rules,
>>>> it is pointless to continue. Thus, stopping with kernel panic.
>>>
>>> Hi Tetsuo,
>>>
>>> What misconfiguration you mean?
>>
>> To use security modules, access control rules need to be loaded. Regarding
>> TOMOYO, access control rules can be loaded from the kernel itself (built-in)
>> and/or from /etc/tomoyo/ directory via /sbin/tomoyo-init (run-time).
>>
>> Since the kernel is built without built-in policy and /sbin/tomoyo-init does
>> not exist, memory allocation failure is handled as a fatal problem.
>>
>> But if syzbot cannot test other paths due to hitting this path, we need to somehow
>> avoid panic(). Can you add tomoyo-tools package into your rootfs images? It is
>> explained at https://tomoyo.osdn.jp/2.6/chapter-3.html .
> 
> 
> Is installing the package everything that needs to be done? It's not a
> standard package, right?
> What does it do? Frequently there is like 3 DVD's of some software,
> but everything that needs to be done is a single system call? What
> exactly from kernel perspective we need to do?
> 

 From kernel perspective, just building the kernels with
CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER=y after doing

echo 'PROFILE_VERSION=20150505' > security/tomoyo/policy/profile.conf
echo '0-CONFIG={ mode=learning grant_log=no reject_log=yes }' >> security/tomoyo/policy/profile.conf

 from the kernel source tree is needed.

But the problem is that since syzbot is automated, there is no chance to
edit the content of security/tomoyo/policy/ directory when building the
kernels. Therefore, I expected that we can add tomoyo-tools package and
/etc/tomoyo/ directory generated by executing /usr/lib/tomoyo/init_policy
into the rootfs images. tomoyo-tools package is easy to install because of
little dependency (e.g. glibc and ncurses).

Maybe disabling panic() if CONFIG_FAULT_INJECTION=y is simpler...

diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 2e7fcfa..2b2d5898 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -24,7 +24,7 @@ void tomoyo_warn_oom(const char *function)
 		pr_warn("ERROR: Out of memory at %s.\n", function);
 		tomoyo_last_pid = pid;
 	}
-	if (!tomoyo_policy_loaded)
+	if (!IS_ENABLED(CONFIG_FAULT_INJECTION) && !tomoyo_policy_loaded)
 		panic("MAC Initialization failed.\n");
 }
 

Powered by blists - more mailing lists