| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Nov 2020 21:35:02 +0300
From: Aleksandr Nogikh <nogikh@...gle.com>
To: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
Cc: Aleksandr Nogikh <aleksandrnogikh@...il.com>, jmorris@...ei.org,
serge@...lyn.com, Akinobu Mita <akinobu.mita@...il.com>,
Andrey Konovalov <andreyknvl@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Marco Elver <elver@...gle.com>,
Alexander Potapenko <glider@...gle.com>,
Kees Cook <keescook@...gle.com>,
Casey Schaufler <casey@...aufler-ca.com>,
LKML <linux-kernel@...r.kernel.org>,
linux-security-module@...r.kernel.org
Subject: Re: [PATCH v3 1/2] security: add fault injection capability
On Tue, Nov 10, 2020 at 7:43 AM Tetsuo Handa
<penguin-kernel@...ove.sakura.ne.jp> wrote:
>
[...]
>
> By the way, fail_lsm_hooks.retval is "signed int" but debugfs_create_u32() handles "unsigned int".
> Do we want to allow lsm_hooks_inject_fail() to inject arbitrary !IS_ERR_VALUE() values?
Thanks for pointing it out. Technically, now it's possible to set a
negative value - internally, the kernel
will process negative integers anyway, and after casting the unsigned
value to a signed one, retval
will contain exactly what the user provided. However, if the user
retrieves the attribute value, they won't
get the exact value that was set (if it was negative).
I'll change debugfs_create_u32 to something else in v4, so that it'll
be more explicit and so that it'll be
possible to read negative values normally.
Powered by blists - more mailing lists