On 14/04/02, Mimi Zohar wrote: > On Wed, 2014-04-02 at 12:19 -0400, Richard Guy Briggs wrote: > > When task->comm is passed directly to audit_log_untrustedstring() without > > getting a copy or using the task_lock, there is a race that could happen > > that > > would output a NULL (\0) in the output string that would effectively > > truncate > > the rest of the report text after the comm= field in the audit, losing > > fields. > > > > Use get_task_comm() to get a copy while acquiring the task_lock to prevent > > this and to prevent the result from being a mixture of old and new values of > > comm. > > > > Signed-off-by: Richard Guy Briggs <[email protected]> > > --- > > security/integrity/integrity_audit.c | 3 ++- > > 1 files changed, 2 insertions(+), 1 deletions(-) > > > > diff --git a/security/integrity/integrity_audit.c > > b/security/integrity/integrity_audit.c > > index 85253b5..11706a2 100644 > > --- a/security/integrity/integrity_audit.c > > +++ b/security/integrity/integrity_audit.c > > @@ -33,6 +33,7 @@ void integrity_audit_msg(int audit_msgno, struct inode > > *inode, > > const char *cause, int result, int audit_info) > > { > > struct audit_buffer *ab; > > + char comm[sizeof(current->comm)]; > > > > if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ > > return; > > @@ -49,7 +50,7 @@ void integrity_audit_msg(int audit_msgno, struct inode > > *inode, > > audit_log_format(ab, " cause="); > > audit_log_string(ab, cause); > > audit_log_format(ab, " comm="); > > - audit_log_untrustedstring(ab, current->comm); > > + audit_log_untrustedstring(ab, get_task_comm(comm, current)); > > if (fname) { > > audit_log_format(ab, " name="); > > audit_log_untrustedstring(ab, fname); > > This change is already being upstreamed as commit 73a6b44 "Integrity: > Pass commname via get_task_comm()".
Excellent. Missed that. Thanks. > thanks, > > Mimi - RGB -- Richard Guy Briggs <[email protected]> Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat Remote, Ottawa, Canada Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
