Hi,

2.5.65 no longer uses a constructor for the skb slab allocations. This leaves skb->lsm_security uninitialized which caused an oops in SELinux which checked the blob during allocation. In all cases we allocate and free the blob for each use of an skb, regardless of whether it came from skb pool, slab, or was newly created, so having a blob leftover from earlier skb use will^Wshould not happen.

However, as Stephen pointed out to me, if you initialize a module after some skb's have been created (IOW, handled by the dummy hook), then these blobs could still be garbage, and cause problems after the newly inserted module is initialized.

This patch removes the precondition checking from the SELinux module, removes the skb->lsm_security = NULL init in alloc_skb (this is a bogosity left over from merge), and adds skb->lsm_security = NULL init to dummy hook to clear the field.

I've tested this with SELinux, and it no longer oopses. But it could certainly use some review. Comments?

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net

===== net/core/skbuff.c 1.22 vs edited ===== --- 1.22/net/core/skbuff.c Mon Mar 17 18:22:28 2003 +++ edited/net/core/skbuff.c Mon Mar 17 22:52:55 2003 @@ -240,9 +240,6 @@ #ifdef CONFIG_NET_SCHED skb->tc_index = 0; #endif -#ifdef CONFIG_SECURITY_NETWORK - skb->lsm_security = NULL; -#endif atomic_set(&(skb_shinfo(skb)->dataref), 1); skb_shinfo(skb)->nr_frags = 0; skb_shinfo(skb)->tso_size = 0; ===== security/dummy.c 1.30 vs edited ===== --- 1.30/security/dummy.c Mon Mar 17 18:22:28 2003 +++ edited/security/dummy.c Tue Mar 18 09:53:51 2003 @@ -841,6 +841,7 @@ static int dummy_skb_alloc_security (struct sk_buff *skb, int gfp_mask) { + skb->lsm_security = NULL; return 0; } ===== security/selinux/hooks.c 1.77 vs edited ===== --- 1.77/security/selinux/hooks.c Wed Feb 19 12:56:11 2003 +++ edited/security/selinux/hooks.c Tue Mar 18 09:47:30 2003 
@@ -359,21 +359,14 @@ static int skb_alloc_security(struct sk_buff *skb, int gfp_mask) { - struct skb_security_struct *ssec, *new_ssec; + struct skb_security_struct *ssec; unsigned long flags; - new_ssec = kmalloc(sizeof(struct skb_security_struct), gfp_mask); - if (!new_ssec) + ssec = kmalloc(sizeof(struct skb_security_struct), gfp_mask); + if (!ssec) return -ENOMEM; spin_lock_irqsave(&skb_alloc_lock,flags); - ssec = skb->lsm_security; - if (ssec && ssec->magic == SELINUX_MAGIC) { - spin_unlock_irqrestore(&skb_alloc_lock,flags); - kfree(new_ssec); - return 0; - } - ssec = new_ssec; memset(ssec, 0, sizeof(struct skb_security_struct)); atomic_set(&ssec->use, 1);
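Review bot: in the net/core/skbuff.c hunk, removing the `skb->lsm_security = NULL;` assignment from alloc_skb leaves the field's initial value entirely to whichever skb_alloc_security hook is registered, and nothing in the visible lines records that contract. Suggest a comment at the hook definition stating that every implementation must set skb->lsm_security before returning, and a check that every skb allocation path which previously relied on this init (or on the slab constructor) does reach the hook; the call site is outside the hunk's context, so this cannot be confirmed from the patch alone.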
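Review bot: in the security/dummy.c hunk, the new `skb->lsm_security = NULL;` in dummy_skb_alloc_security is written without a guard, while the assignment removed from skbuff.c sat inside `#ifdef CONFIG_SECURITY_NETWORK`. If the field only exists under that option, please confirm the hook body is compiled under the same condition, since the surrounding lines are not in the hunk. A one-line comment explaining why the dummy hook writes the field (stale slab contents seen by a module loaded later) would keep someone from "cleaning it up" as a no-op.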
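Review bot: in the security/selinux/hooks.c hunk, once the `ssec->magic == SELINUX_MAGIC` early return is gone, the statements left under `spin_lock_irqsave(&skb_alloc_lock,flags);` in the visible lines (the memset and `atomic_set(&ssec->use, 1);`) only touch the freshly kmalloc'd ssec, which no other context can reference yet. Consider moving them ahead of the lock, and check whether the lock is still needed for what follows (the rest of the function is outside the hunk). Separately, the function now overwrites skb->lsm_security unconditionally, so a second call on the same skb would leak the first blob; if that cannot happen, a comment saying so would document the assumption the removed check used to cover.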
This archive was generated by hypermail 2b30 : Tue Mar 18 2003 - 10:23:51 PST