leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6f7c41374b
linux/security
History
Tetsuo Handa 6f7c41374b tomoyo: Don't use nifty names on sockets. 
syzbot is reporting that use of SOCKET_I()->sk from open() can result in
use after free problem [1], for socket's inode is still reachable via
/proc/pid/fd/n despite destruction of SOCKET_I()->sk already completed.

At first I thought that this race condition applies to only open/getattr
permission checks. But James Morris has pointed out that there are more
permission checks where this race condition applies to. Thus, get rid of
tomoyo_get_socket_name() instead of conditionally bypassing permission
checks on sockets. As a side effect of this patch,
"socket:[family=\$:type=\$:protocol=\$]" in the policy files has to be
rewritten to "socket:[\$]".

[1] https://syzkaller.appspot.com/bug?id=73d590010454403d55164cca23bd0565b1eb3b74

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reported-by: syzbot <syzbot+0341f6a4d729d4e0acf1@syzkaller.appspotmail.com>
Reported-by: James Morris <jmorris@namei.org>
2019-12-11 19:54:10 +09:00
..
apparmor + Features 2019-12-03 12:51:35 -08:00
integrity x86/efi: remove unused variables 2019-11-29 22:23:46 +11:00
keys KEYS: trusted: Remove set but not used variable 'keyhndl' 2019-11-12 21:45:37 +02:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
lockdown powerpc updates for 5.5 2019-11-30 14:35:43 -08:00
safesetid security/safesetid: Replace rcu_swap_protected() with rcu_replace_pointer() 2019-10-30 08:45:57 -07:00
selinux y2038: syscall implementation cleanups 2019-12-01 14:00:59 -08:00
smack pipe: Reduce #inclusion of pipe_fs_i.h 2019-10-23 17:02:34 +01:00
tomoyo tomoyo: Don't use nifty names on sockets. 2019-12-11 19:54:10 +09:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
commoncap.c Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-07-09 12:24:21 -07:00
device_cgroup.c device_cgroup: Export devcgroup_check_permission 2019-10-07 15:11:38 -05:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
lsm_audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
Makefile security: Add a static lockdown policy LSM 2019-08-19 21:54:15 -07:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c perf_event: Add support for LSM and SELinux checks 2019-10-17 21:31:55 +02:00