| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9c68743f-5efa-4a77-a29b-d3e8f2b2a462@I-love.SAKURA.ne.jp>
Date: Wed, 7 May 2025 19:40:21 +0900
From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To: Maxime Bélair <maxime.belair@...onical.com>,
linux-security-module@...r.kernel.org
Cc: john.johansen@...onical.com, paul@...l-moore.com, jmorris@...ei.org,
serge@...lyn.com, mic@...ikod.net, kees@...nel.org,
stephen.smalley.work@...il.com, casey@...aufler-ca.com,
takedakn@...data.co.jp, linux-api@...r.kernel.org,
apparmor@...ts.ubuntu.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/3] lsm: introduce security_lsm_manage_policy hook
On 2025/05/06 23:32, Maxime Bélair wrote:
> diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c
> index dcaad8818679..b39e6635a7d5 100644
> --- a/security/lsm_syscalls.c
> +++ b/security/lsm_syscalls.c
> @@ -122,5 +122,10 @@ SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size,
> SYSCALL_DEFINE5(lsm_manage_policy, u32, lsm_id, u32, op, void __user *, buf, u32
> __user *, size, u32, flags)
> {
> - return 0;
> + size_t usize;
> +
> + if (get_user(usize, size))
> + return -EFAULT;
> +
> + return security_lsm_manage_policy(lsm_id, op, buf, usize, flags);
> }
syzbot will report user-controlled unbounded huge size memory allocation attempt. ;-)
This interface might be fine for AppArmor, but TOMOYO won't use this interface because
TOMOYO's policy is line-oriented ASCII text data where the destination is switched via
pseudo‑filesystem's filename; use of filename helps restricting which type of policy
can be manipulated by which process.
Powered by blists - more mailing lists