[SELINUX] check return value for receive node permission (fwd)
From: James Morris
Date: Thu Mar 25 2004 - 09:55:42 EST
Looks like this got lost while lkml was down.
---------- Forwarded message ----------
Date: Thu, 25 Mar 2004 00:56:02 -0500 (EST)
From: James Morris <jmorris@xxxxxxxxxx>
To: Andrew Morton <akpm@xxxxxxxx>
Cc: Stephen Smalley <sds@xxxxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx
Subject: [SELINUX] check return value for receive node permission
This patch fixes a bug where the return value for a permission call is not
checked.
The bug was introduced when I added some code in the following changeset:
<http://linux.bkbits.net:8080/linux-2.5/diffs/security/selinux/hooks.c@xxxx?nav=index.html|src/|src/security|src/security/selinux|hist/security/selinux/hooks.c>
Code was added after this line:
err = avc_has_perm(isec->sid, node_sid, SECCLASS_NODE, node_perm, NULL, &ad);
without adding an explicit check of 'err', which was previously returned
from the function rather than being checked. i.e. it would drop through
to:
out:
return err;
}
With the new code added, err can (and typically would) be overwritten with
a successful value, causing the permission check to not deny permission if
needed. The intended denial would have been logged.
The patch below fixes this problem.
Please apply.
- James
--
James Morris
<jmorris@xxxxxxxxxx>
diff -urN -X dontdiff linux-2.6.5-rc2-mm2.o/security/selinux/hooks.c linux-2.6.5-rc2-mm2.w2/security/selinux/hooks.c
--- linux-2.6.5-rc2-mm2.o/security/selinux/hooks.c 2004-03-24 23:06:30.000000000 -0500
+++ linux-2.6.5-rc2-mm2.w2/security/selinux/hooks.c 2004-03-25 00:46:49.582735736 -0500
@@ -3040,6 +3040,8 @@
goto out;
err = avc_has_perm(isec->sid, node_sid, SECCLASS_NODE, node_perm, NULL, &ad);
+ if (err)
+ goto out;
if (recv_perm) {
u32 port_sid;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/