> The patches to use CONFIG_SECURITY_NETWORK have introduced a couple > of security initializer bugs. The code to null the security field > in newly created struct sock and struct open_request got moved into the > dummy functions > for security_sock_alloc() and security_open_request_alloc(). This means > that, contrary > to the documentation in security.h, the security fields in struct sock > and struct sock_request > are not initialized to NULL when the structures are allocated prior to > the relevant > hooks being called. > > This causes problems for dynamically loaded LSM kernel modules > relying on the documented behaviour - since the security fields now get > random junk > as initial value instead of NULL. > > The documented behaviour should be restored, by moving the > initialization code into > the security_sock_alloc() and security_open_request_alloc() functions. > Patch for lsm-2.4 attached. No, the initializers were intentionally moved into the hook functions because they were co-located with hook calls anyway, there was no value in keeping them separate, and doing so would require #ifdefs in the core networking code (not acceptable) or a separate static inline (pointless, as it occurs at the same point as the existing hook call). You just need to fix your module to not expect the value to be set to NULL prior to the alloc_security call. The dummy module will ensure that the values are initialized to NULL for all objects created before your module is inserted. -- Stephen Smalley, NSA _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 09 2003 - 05:44:59 PDT