I'm the poor soul who reported the complete system lockup running Mozilla - Stephen did a great job in tracking down the problem. Something needs to be done about this; this is an easy mistake to make, it's easily missed, and it has dire consequences. > > > Message: 4 > Date: Thu, 25 Oct 2001 13:22:01 -0400 (EDT) > From: Stephen Smalley <sdsat_private> > To: <linux-security-moduleat_private> > Subject: Detecting missing hook functions > > > At present, if you accidentally miss a hook function when writing your > security module, you don't get any kind of warning unless it happens to > be one of the top-level hooks (checked by security/security.c:verify). > This happened to the SELinux security module. Back at the beginning of > August, a set of additional hooks were added to task_security_ops by > Lachlan, and I missed the getscheduler hook when I updated the SELinux > module. We made three releases of the SELinux security module without > noticing this problem, and only happened to find it after a user reported > a complete system lockup upon running mozilla on the third release. Even > then, it wasn't easy to track down - we didn't get any kind of kernel > Oops until we rolled forward to 2.4.13-pre6, just a complete lockup. > > Although this was my mistake, it would be nice if the verify function > would catch these kinds of mistakes. But simply expanding the current set > tests for each individual hook function pointer seems painful and may not > be well-maintained as new hooks are added. Is there a simpler way to > validate the entire structure? > > -- > Stephen D. Smalley, NAI Labs > ssmalleyat_private > _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Oct 25 2001 - 12:50:30 PDT