The patches to use CONFIG_SECURITY_NETWORK have introduced a couple of security initializer bugs. The code to null the security field in newly created struct sock and struct open_request got moved into the dummy functions for security_sock_alloc() and security_open_request_alloc(). This means that, contrary to the documentation in security.h, the security fields in struct sock and struct sock_request are not initialized to NULL when the structures are allocated prior to the relevant hooks being called.

This causes problems for dynamically loaded LSM kernel modules relying on the documented behaviour - since the security fields now get random junk as initial value instead of NULL.

The documented behaviour should be restored, by moving the initialization code into the security_sock_alloc() and security_open_request_alloc() functions.

Patch for lsm-2.4 attached.

Mike

diff -r -u lsm-2.4/include/linux/security.h /usr/src/linux-2.4.20-lsm1/include/linux/security.h
--- lsm-2.4/include/linux/security.h Tue Feb 18 13:25:40 2003
+++ /usr/src/linux-2.4.20-lsm1/include/linux/security.h Wed Apr 9 08:57:06 2003
@@ -2909,6 +2909,7 @@
static inline int security_sock_alloc(struct sock * sk,
int gfp_mask)
{
+ sk->security = NULL;
return security_ops->socket_sock_alloc_security(sk, gfp_mask);
}
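Review bot: The sk->security = NULL; added to security_sock_alloc() carries no comment explaining why it lives in the wrapper and not in a hook. Because the regression described in the message came from this same assignment being moved into the dummy hook, a short comment above it stating that security.h documents the field as NULL before socket_sock_alloc_security() is called would make it harder to move again.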
@@ -2925,6 +2926,7 @@
static inline int security_open_request_alloc (struct open_request * req)
{
+ req->security = NULL;
return security_ops->open_request_alloc_security (req);
}
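Review bot: In security_open_request_alloc(), req->security = NULL; only takes effect on code paths that go through this wrapper, and the hunk does not show whether security.h has a second definition of the function for builds without CONFIG_SECURITY_NETWORK. If such a stub exists it needs the same assignment (likewise for security_sock_alloc()), otherwise a module loaded on that configuration would still read an uninitialised field.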
diff -r -u lsm-2.4/security/dummy.c /usr/src/linux-2.4.20-lsm1/security/dummy.c
--- lsm-2.4/security/dummy.c Tue Feb 18 13:25:44 2003
+++ /usr/src/linux-2.4.20-lsm1/security/dummy.c Wed Apr 9 09:10:06 2003
@@ -813,7 +813,6 @@
static int dummy_socket_sock_alloc_security(struct sock *sk, int gfp_mask)
{
- sk->security = NULL;
return 0;
}
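Review bot: With sk->security = NULL; removed, dummy_socket_sock_alloc_security() is a bare return 0 and nothing in dummy.c initialises the field any more, so this hunk is only correct when the security.h hunks are applied with it. Keep the two files in a single patch, as here, and say so in the changelog so the dummy.c part is not picked up on its own.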
@@ -829,7 +828,6 @@
static int dummy_open_request_alloc_security(struct open_request * req)
{
- req->security = NULL;
return 0;
}
_______________________________________________
linux-security-module mailing list
linux-security-module@mail.wirex.com
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 09 2003 - 02:39:02 PDT