lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CADLLry7E+THeMSPLR7kxu-hzA21NHh=tLms0UJ1Wru4NFJ5jRA@mail.gmail.com>
Date:   Thu, 15 Jul 2021 06:45:37 +0900
From:   Austin Kim <austindh.kim@...il.com>
To:     Paul Moore <paul@...l-moore.com>
Cc:     Stephen Smalley <stephen.smalley.work@...il.com>,
        Eric Paris <eparis@...isplace.org>,
        Ondrej Mosnacek <omosnace@...hat.com>, selinux@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        김동현 <austin.kim@....com>,
        kernel-team@....com
Subject: Re: [PATCH v2] lsm_audit,selinux: return early for possible NULL
 audit buffers

2021년 7월 15일 (목) 오전 4:26, Paul Moore <paul@...l-moore.com>님이 작성:
>
> On Tue, Jul 13, 2021 at 8:11 PM Austin Kim <austindh.kim@...il.com> wrote:
> >
> > From: Austin Kim <austin.kim@....com>
> >
> > audit_log_start() may return NULL in below cases:
> >
> >   - when audit is not initialized.
> >   - when audit backlog limit exceeds.
> >
> > After the call to audit_log_start() is made and then possible NULL audit
> > buffer argument is passed to audit_log_*() functions,
> > audit_log_*() functions return immediately in case of a NULL audit buffer
> > argument.
> >
> > But it is optimal to return early when audit_log_start() returns NULL,
> > because it is not necessary for audit_log_*() functions to be called with
> > NULL audit buffer argument.
> >
> > So add exception handling for possible NULL audit buffers where
> > return value can be handled from callers.
> >
> > Signed-off-by: Austin Kim <austin.kim@....com>
> > ---
> >  security/selinux/hooks.c       | 4 ++++
> >  security/selinux/ss/services.c | 2 ++
> >  2 files changed, 6 insertions(+)
>
> Merged into selinux/next, thank you!

Great, thanks for review and feedback.

Thanks,
Austin Kim

>
> --
> paul moore
> www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ