lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhTBOCUKva6ctOXx_E7+2nXMjR_eLaogMQNvEBJ4R_71gA@mail.gmail.com>
Date: Wed, 13 Mar 2024 22:25:09 -0400
From: Paul Moore <paul@...l-moore.com>
To: Casey Schaufler <casey@...aufler-ca.com>
Cc: "Dmitry V. Levin" <ldv@...ace.io>, LSM List <linux-security-module@...r.kernel.org>, 
	Linux kernel mailing list <linux-kernel@...r.kernel.org>, linux-api@...r.kernel.org, 
	Mickaël Salaün <mic@...ikod.net>, 
	James Morris <jmorris@...ei.org>, Serge Hallyn <serge@...lyn.com>, 
	John Johansen <john.johansen@...onical.com>, 
	Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>, 
	Stephen Smalley <stephen.smalley.work@...il.com>
Subject: Re: [PATCH v3] LSM: use 32 bit compatible data types in LSM syscalls.

On Wed, Mar 13, 2024 at 9:44 PM Paul Moore <paul@...l-moore.com> wrote:
> On Wed, Mar 13, 2024 at 6:48 PM Casey Schaufler <casey@...aufler-ca.com> wrote:
> > On 3/13/2024 3:37 PM, Paul Moore wrote:
> > > On Wed, Mar 13, 2024 at 4:07 PM Paul Moore <paul@...l-moore.com> wrote:
> > >> On Mar 13, 2024 Casey Schaufler <casey@...aufler-ca.com> wrote:
> > >>> LSM: use 32 bit compatible data types in LSM syscalls.
> > >>>
> > >>> Change the size parameters in lsm_list_modules(), lsm_set_self_attr()
> > >>> and lsm_get_self_attr() from size_t to u32. This avoids the need to
> > >>> have different interfaces for 32 and 64 bit systems.
> > >>>
> > >>> Cc: stable@...r.kernel.org
> > >>> Fixes: a04a1198088a: ("LSM: syscalls for current process attributes")
> > >>> Fixes: ad4aff9ec25f: ("LSM: Create lsm_list_modules system call")
> > >>> Signed-off-by: Casey Schaufler <casey@...aufler-ca.com>
> > >>> Reported-and-reviewed-by: Dmitry V. Levin <ldv@...ace.io>
> > >>> ---
> > >>>  include/linux/lsm_hook_defs.h                        |  4 ++--
> > >>>  include/linux/security.h                             |  8 ++++----
> > >>>  security/apparmor/lsm.c                              |  4 ++--
> > >>>  security/lsm_syscalls.c                              | 10 +++++-----
> > >>>  security/security.c                                  | 12 ++++++------
> > >>>  security/selinux/hooks.c                             |  4 ++--
> > >>>  security/smack/smack_lsm.c                           |  4 ++--
> > >>>  tools/testing/selftests/lsm/common.h                 |  6 +++---
> > >>>  tools/testing/selftests/lsm/lsm_get_self_attr_test.c | 10 +++++-----
> > >>>  tools/testing/selftests/lsm/lsm_list_modules_test.c  |  8 ++++----
> > >>>  tools/testing/selftests/lsm/lsm_set_self_attr_test.c |  6 +++---
> > >>>  11 files changed, 38 insertions(+), 38 deletions(-)
> > >> Okay, this looks better, I'm going to merge this into lsm/stable-6.9
> > >> and put it through the usual automated testing as well as a kselftest
> > >> run to make sure everything there is still okay.  Assuming all goes
> > >> well and no one raises any objections, I'll likely send this up to
> > >> Linus tomorrow.
> > >>
> > >> Thanks everyone!
> > >
> > > Unfortunately it looks like we have a kselftest failure (below).  I'm
> > > pretty sure that this was working at some point, but it's possible I
> > > missed it when I ran the selftests previously.  I've got to break for
> > > a personal appt right now, but I'll dig into this later tonight.
> >
> > In v2:
> >
> > diff --git a/security/security.c b/security/security.c
> > index 7035ee35a393..a0f9caf89ae1 100644
> > --- a/security/security.c
> > +++ b/security/security.c
> > @@ -810,7 +810,7 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, size_t *uctx_len,
> >         nctx->ctx_len = val_len;
> >         memcpy(nctx->ctx, val, val_len);
> >
> > -       if (copy_to_user(uctx, nctx, nctx_len))
> > +       if (uctx && copy_to_user(uctx, nctx, nctx_len))
> >                 rc = -EFAULT;
> >
> >  out:
> >
> > This addresses the case where NULL is passed in the call to lsm_get_self_attr()
> > to get the buffer size required.
>
> Yeah, thanks.  I didn't get a chance to look at the failure before I
> had to leave, but now that I'm looking at it I agree.  It looks like
> it used to work prior to d7cf3412a9f6c, but I broke things when I
> consolidated the processing into lsm_fill_user_ctx() - oops :/
>
> I'll start working on the patch right now and post it as soon as it
> passes testing.

The patch posted below passes the kselftests and all my other sanity checks:

https://lore.kernel.org/linux-security-module/20240314022202.599471-2-paul@paul-moore.com

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ