| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEjxPJ6F-=oYosd6JQ_emPeE8C_K1RCnu4d+MTr--XJDNef8Jg@mail.gmail.com>
Date: Wed, 14 May 2025 10:25:03 -0400
From: Stephen Smalley <stephen.smalley.work@...il.com>
To: cgzones@...glemail.com
Cc: selinux@...r.kernel.org, Paul Moore <paul@...l-moore.com>,
Ondrej Mosnacek <omosnace@...hat.com>, linux-kernel@...r.kernel.org,
Thiébaud Weksteen <tweek@...gle.com>,
Bram Bonné <brambonne@...gle.com>,
Eric Suen <ericsu@...ux.microsoft.com>, Casey Schaufler <casey@...aufler-ca.com>,
Canfeng Guo <guocanfeng@...ontech.com>, Takaya Saeki <takayas@...omium.org>
Subject: Re: [PATCH v3 03/14] selinux: more strict policy parsing
On Wed, May 14, 2025 at 10:15 AM Stephen Smalley
<stephen.smalley.work@...il.com> wrote:
>
> On Sun, May 11, 2025 at 1:31 PM Christian Göttsche
> <cgoettsche@...tendoof.de> wrote:
> >
> > From: Christian Göttsche <cgzones@...glemail.com>
> >
> > Be more strict during parsing of policies and reject invalid values.
> >
> > Add some error messages in the case of policy parse failures, to
> > enhance debugging, either on a malformed policy or a too strict check.
> >
> > Signed-off-by: Christian Göttsche <cgzones@...glemail.com>
>
> Acked-by: Stephen Smalley <stephen.smalley.work@...il.com>
>
> > ---
> > v3:
> > - incorporate the overflow checks on security classes from the
> > previous patch, and permit U16_MAX as class ID
> > - minimize the usage of magic values, by using macros or trivial
> > helper functions
> > v2:
> > accept unknown xperm specifiers to support backwards compatibility for
> > future ones, suggested by Thiébaud
> > ---
> > security/selinux/include/security.h | 1 +
> > security/selinux/ss/avtab.c | 35 ++++-
> > security/selinux/ss/avtab.h | 13 ++
> > security/selinux/ss/conditional.c | 18 +--
> > security/selinux/ss/constraint.h | 1 +
> > security/selinux/ss/policydb.c | 196 +++++++++++++++++++++++-----
> > security/selinux/ss/policydb.h | 23 +++-
> > security/selinux/ss/services.c | 6 +-
> > 8 files changed, 233 insertions(+), 60 deletions(-)
> >
>
> > diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h
> > index 0c423ad77fd9..9b3cc393a979 100644
> > --- a/security/selinux/ss/policydb.h
> > +++ b/security/selinux/ss/policydb.h
> > @@ -386,9 +387,23 @@ static inline char *sym_name(struct policydb *p, unsigned int sym_num,
> > return p->sym_val_to_name[sym_num][element_nr];
> > }
> >
> > +static inline bool val_is_boolean(u32 value)
> > +{
> > + return value == 0 || value == 1;
> > +}
> > +
> > extern int str_read(char **strp, gfp_t flags, struct policy_file *fp, u32 len);
> >
> > extern u16 string_to_security_class(struct policydb *p, const char *name);
> > extern u32 string_to_av_perm(struct policydb *p, u16 tclass, const char *name);
> >
> > +#define pr_warn_once_policyload(policy, fmt, ...) \
> > + do { \
> > + static const void *prev_policy__; \
> > + if (prev_policy__ != policy) { \
> > + printk(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__); \
> > + prev_policy__ = policy; \
> > + } \
> > + } while (0)
> > +
> > #endif /* _SS_POLICYDB_H_ */
checkpatch.pl warning:
WARNING: Prefer [subsystem eg: netdev]_warn([subsystem]dev, ... then
dev_warn(dev, ... then pr_warn(... to printk(KERN_WARNING ...
#718: FILE: security/selinux/ss/policydb.h:404:
+ printk(KERN_WARNING pr_fmt(fmt), ##__VA_ARGS__); \
Powered by blists - more mailing lists