|
Message-ID: <CAHC9VhSmcGoaDzOp7xbwvh2pYusMS-ReBC5Nrqi5eZYCuZpR7g@mail.gmail.com> Date: Wed, 24 Jul 2019 11:18:41 -0400 From: Paul Moore <paul@...l-moore.com> To: Ondrej Mosnacek <omosnace@...hat.com> Cc: selinux@...r.kernel.org, NitinGote <nitin.r.gote@...el.com>, kernel-hardening@...ts.openwall.com, Kees Cook <keescook@...omium.org>, William Roberts <bill.c.roberts@...il.com> Subject: Re: [PATCH v2] selinux: check sidtab limit before adding a new entry On Tue, Jul 23, 2019 at 2:51 AM Ondrej Mosnacek <omosnace@...hat.com> wrote: > > We need to error out when trying to add an entry above SIDTAB_MAX in > sidtab_reverse_lookup() to avoid overflow on the odd chance that this > happens. > > Fixes: ee1a84fdfeed ("selinux: overhaul sidtab to fix bug and improve performance") > Signed-off-by: Ondrej Mosnacek <omosnace@...hat.com> > --- > security/selinux/ss/sidtab.c | 5 +++++ > 1 file changed, 5 insertions(+) Thanks. This looks like -stable material to me so I've marked it as such and merged it into selinux/stable-5.3; assuming it passes testing, and as long as I don't hear any objections, I'll send it up to Linus later this week. > diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c > index e63a90ff2728..1f0a6eaa2d6a 100644 > --- a/security/selinux/ss/sidtab.c > +++ b/security/selinux/ss/sidtab.c > @@ -286,6 +286,11 @@ static int sidtab_reverse_lookup(struct sidtab *s, struct context *context, > ++count; > } > > + /* bail out if we already reached max entries */ > + rc = -EOVERFLOW; > + if (count >= SIDTAB_MAX) > + goto out_unlock; > + > /* insert context into new entry */ > rc = -ENOMEM; > dst = sidtab_do_lookup(s, count, 1); > -- > 2.21.0 -- paul moore www.paul-moore.com
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.