tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux fixes from Paul Moore:
"Three patches for v5.2.

One fixes a problem where we weren't correctly logging raw SELinux
labels, the other two fix problems where we weren't properly checking
calls to kmemdup()"

* tag 'selinux-pr-20190612' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: fix a missing-check bug in selinux_sb_eat_lsm_opts()
selinux: fix a missing-check bug in selinux_add_mnt_opt( )
selinux: log raw contexts as untrusted strings

Linus Torvalds b076173a 35110e38

+36 -13
+8 -2
security/selinux/avc.c
··· 739 739 rc = security_sid_to_context_inval(sad->state, sad->ssid, &scontext, 740 740 &scontext_len); 741 741 if (!rc && scontext) { 742 - audit_log_format(ab, " srawcon=%s", scontext); 742 + if (scontext_len && scontext[scontext_len - 1] == '\0') 743 + scontext_len--; 744 + audit_log_format(ab, " srawcon="); 745 + audit_log_n_untrustedstring(ab, scontext, scontext_len); 743 746 kfree(scontext); 744 747 } 745 748 746 749 rc = security_sid_to_context_inval(sad->state, sad->tsid, &scontext, 747 750 &scontext_len); 748 751 if (!rc && scontext) { 749 - audit_log_format(ab, " trawcon=%s", scontext); 752 + if (scontext_len && scontext[scontext_len - 1] == '\0') 753 + scontext_len--; 754 + audit_log_format(ab, " trawcon="); 755 + audit_log_n_untrustedstring(ab, scontext, scontext_len); 750 756 kfree(scontext); 751 757 } 752 758 }
+28 -11
security/selinux/hooks.c
··· 1052 1052 if (token == Opt_error) 1053 1053 return -EINVAL; 1054 1054 1055 - if (token != Opt_seclabel) 1055 + if (token != Opt_seclabel) { 1056 1056 val = kmemdup_nul(val, len, GFP_KERNEL); 1057 + if (!val) { 1058 + rc = -ENOMEM; 1059 + goto free_opt; 1060 + } 1061 + } 1057 1062 rc = selinux_add_opt(token, val, mnt_opts); 1058 1063 if (unlikely(rc)) { 1059 1064 kfree(val); 1060 - if (*mnt_opts) { 1061 - selinux_free_mnt_opts(*mnt_opts); 1062 - *mnt_opts = NULL; 1063 - } 1065 + goto free_opt; 1066 + } 1067 + return rc; 1068 + 1069 + free_opt: 1070 + if (*mnt_opts) { 1071 + selinux_free_mnt_opts(*mnt_opts); 1072 + *mnt_opts = NULL; 1064 1073 } 1065 1074 return rc; 1066 1075 } ··· 2625 2616 char *from = options; 2626 2617 char *to = options; 2627 2618 bool first = true; 2619 + int rc; 2628 2620 2629 2621 while (1) { 2630 2622 int len = opt_len(from); 2631 - int token, rc; 2623 + int token; 2632 2624 char *arg = NULL; 2633 2625 2634 2626 token = match_opt_prefix(from, len, &arg); ··· 2645 2635 *q++ = c; 2646 2636 } 2647 2637 arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); 2638 + if (!arg) { 2639 + rc = -ENOMEM; 2640 + goto free_opt; 2641 + } 2648 2642 } 2649 2643 rc = selinux_add_opt(token, arg, mnt_opts); 2650 2644 if (unlikely(rc)) { 2651 2645 kfree(arg); 2652 - if (*mnt_opts) { 2653 - selinux_free_mnt_opts(*mnt_opts); 2654 - *mnt_opts = NULL; 2655 - } 2656 - return rc; 2646 + goto free_opt; 2657 2647 } 2658 2648 } else { 2659 2649 if (!first) { // copy with preceding comma ··· 2671 2661 } 2672 2662 *to = '\0'; 2673 2663 return 0; 2664 + 2665 + free_opt: 2666 + if (*mnt_opts) { 2667 + selinux_free_mnt_opts(*mnt_opts); 2668 + *mnt_opts = NULL; 2669 + } 2670 + return rc; 2674 2671 } 2675 2672 2676 2673 static int selinux_sb_remount(struct super_block *sb, void *mnt_opts)