lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20240702.Auya5Chaipho@digikod.net>
Date: Tue, 2 Jul 2024 15:00:20 +0200
From: Mickaël Salaün <mic@...ikod.net>
To: Li Wang <liwang@...hat.com>
Cc: gnoack@...gle.com, paul@...l-moore.com, linux-kernel@...r.kernel.org, 
	ltp@...ts.linux.it, Konstantin Meskhidze <konstantin.meskhidze@...wei.com>
Subject: Re: [RFC PATCH] landlock: fix minimal required size for
 landlock_ruleset_attr copying

On Tue, Jul 02, 2024 at 05:47:45PM +0800, Li Wang wrote:
> As kernel commit fff69fb03dde ("landlock: Support network rules with TCP bind and connect")
> introducing a new field 'handled_access_net' in the structure landlock_ruleset_attr,
> but in the landlock_create_ruleset() it still uses the first field 'handled_access_fs'
> to calculate minimal size, so that made decrease 1 is useless in LTP landlock01.c to
> test the too-small-size.
> 
> Test code:
>    rule_small_size = sizeof(struct landlock_ruleset_attr) - 1;
>    tst_syscall(__NR_landlock_create_ruleset, ..., rule_small_size, 0)
> 
> Result:
>   landlock01.c:49: TFAIL: Size is too small expected EINVAL: ENOMSG (42)

Interesting, this looks like a bug in these LTP tests.

> 
> Signed-off-by: Li Wang <liwang@...hat.com>
> Cc: Mickaël Salaün <mic@...ikod.net>
> Cc: Konstantin Meskhidze <konstantin.meskhidze@...wei.com>
> Cc: Paul Moore <paul@...l-moore.com>
> ---
> 
> Notes:
>     Hi Mickael,
>        I'm not quite sure if that is on purpose to use the first field or kernel
>        bug, can you take a look?

Hi Li,

Yes this is on purpose.  The handled_access_fs minimal size check should
never change for backward compatibility reason.  User space built with
old headers must still work with new kernels.  This is tested with the
"inconsistent_attr" test in tools/testing/selftests/landlock/base_test.c


> 
>  security/landlock/syscalls.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/security/landlock/syscalls.c b/security/landlock/syscalls.c
> index 03b470f5a85a..f3cd7def7624 100644
> --- a/security/landlock/syscalls.c
> +++ b/security/landlock/syscalls.c
> @@ -198,7 +198,7 @@ SYSCALL_DEFINE3(landlock_create_ruleset,
>  	/* Copies raw user space buffer. */
>  	err = copy_min_struct_from_user(&ruleset_attr, sizeof(ruleset_attr),
>  					offsetofend(typeof(ruleset_attr),
> -						    handled_access_fs),
> +						    handled_access_net),
>  					attr, size);
>  	if (err)
>  		return err;
> -- 
> 2.45.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ