subject:"Re\: \[2.6 patch\] security\/selinux\/netlabel.c\: fix double free"

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Paul Moore

On Monday 28 January 2008 5:35:40 pm Adrian Bunk wrote:
> On Mon, Jan 28, 2008 at 05:23:46PM -0500, Paul Moore wrote:
> > Thanks for finding this mistake, however, I'd rather see it fixed
> > by removing the netlbl_secattr_destroy() call in
> > security_netlbl_sid_to_secattr() as it really shouldn't be there
> > anymore.  We moved the matching _init() call into
> > selinux_netlbl_sock_setsid() and I'd like to see the _init() and
> > _destroy() calls done in the same function.  I can push a revised
> > patch for this if you would prefer, otherwise I'll be happy to ack
> > an updated version ...
>
> doing the patch is trivial but you are able to write a better
> changelog for it - just push a revised patch.

Will do, thanks.

-- 
paul moore
linux security @ hp
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Adrian Bunk

On Mon, Jan 28, 2008 at 05:23:46PM -0500, Paul Moore wrote:
> On Monday 28 January 2008 5:09:38 pm Adrian Bunk wrote:
> > This patch fixes a double free (security_netlbl_sid_to_secattr()
> > already calls netlbl_secattr_destroy() when it returns !0) introduced
> > by commit 45c950e0f839fded922ebc0bfd59b1081cc71b70 and spotted by the
> > Coverity checker.
> 
> Hi Adrian,

Hi Paul,

> Thanks for finding this mistake, however, I'd rather see it fixed by 
> removing the netlbl_secattr_destroy() call in 
> security_netlbl_sid_to_secattr() as it really shouldn't be there 
> anymore.  We moved the matching _init() call into 
> selinux_netlbl_sock_setsid() and I'd like to see the _init() and 
> _destroy() calls done in the same function.  I can push a revised patch 
> for this if you would prefer, otherwise I'll be happy to ack an updated 
> version ...

doing the patch is trivial but you are able to write a better 
changelog for it - just push a revised patch.

> paul moore

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Paul Moore

On Monday 28 January 2008 5:09:38 pm Adrian Bunk wrote:
> This patch fixes a double free (security_netlbl_sid_to_secattr()
> already calls netlbl_secattr_destroy() when it returns !0) introduced
> by commit 45c950e0f839fded922ebc0bfd59b1081cc71b70 and spotted by the
> Coverity checker.

Hi Adrian,

Thanks for finding this mistake, however, I'd rather see it fixed by 
removing the netlbl_secattr_destroy() call in 
security_netlbl_sid_to_secattr() as it really shouldn't be there 
anymore.  We moved the matching _init() call into 
selinux_netlbl_sock_setsid() and I'd like to see the _init() and 
_destroy() calls done in the same function.  I can push a revised patch 
for this if you would prefer, otherwise I'll be happy to ack an updated 
version ...

> Signed-off-by: Adrian Bunk <[EMAIL PROTECTED]>
>
> ---
> --- linux-2.6/security/selinux/netlabel.c.old 2008-01-23
> 00:38:19.0 +0200 +++
> linux-2.6/security/selinux/netlabel.c 2008-01-23 00:39:09.0
> +0200 @@ -58,22 +58,22 @@ static int selinux_netlbl_sock_setsid(st rc
> = security_netlbl_sid_to_secattr(sid, );
>   if (rc != 0)
>   goto sock_setsid_return;
>   rc = netlbl_sock_setattr(sk, );
>   if (rc == 0) {
>   spin_lock_bh(>nlbl_lock);
>   sksec->nlbl_state = NLBL_LABELED;
>   spin_unlock_bh(>nlbl_lock);
>   }
>
> -sock_setsid_return:
>   netlbl_secattr_destroy();
> +sock_setsid_return:
>   return rc;
>  }
>
>  /**
>   * selinux_netlbl_cache_invalidate - Invalidate the NetLabel cache
>   *
>   * Description:
>   * Invalidate the NetLabel security attribute mapping cache.
>   *
>   */



-- 
paul moore
linux security @ hp
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Paul Moore

On Monday 28 January 2008 5:09:38 pm Adrian Bunk wrote:
 This patch fixes a double free (security_netlbl_sid_to_secattr()
 already calls netlbl_secattr_destroy() when it returns !0) introduced
 by commit 45c950e0f839fded922ebc0bfd59b1081cc71b70 and spotted by the
 Coverity checker.

Hi Adrian,

Thanks for finding this mistake, however, I'd rather see it fixed by 
removing the netlbl_secattr_destroy() call in 
security_netlbl_sid_to_secattr() as it really shouldn't be there 
anymore.  We moved the matching _init() call into 
selinux_netlbl_sock_setsid() and I'd like to see the _init() and 
_destroy() calls done in the same function.  I can push a revised patch 
for this if you would prefer, otherwise I'll be happy to ack an updated 
version ...

 Signed-off-by: Adrian Bunk [EMAIL PROTECTED]

 ---
 --- linux-2.6/security/selinux/netlabel.c.old 2008-01-23
 00:38:19.0 +0200 +++
 linux-2.6/security/selinux/netlabel.c 2008-01-23 00:39:09.0
 +0200 @@ -58,22 +58,22 @@ static int selinux_netlbl_sock_setsid(st rc
 = security_netlbl_sid_to_secattr(sid, secattr);
   if (rc != 0)
   goto sock_setsid_return;
   rc = netlbl_sock_setattr(sk, secattr);
   if (rc == 0) {
   spin_lock_bh(sksec-nlbl_lock);
   sksec-nlbl_state = NLBL_LABELED;
   spin_unlock_bh(sksec-nlbl_lock);
   }

 -sock_setsid_return:
   netlbl_secattr_destroy(secattr);
 +sock_setsid_return:
   return rc;
  }

  /**
   * selinux_netlbl_cache_invalidate - Invalidate the NetLabel cache
   *
   * Description:
   * Invalidate the NetLabel security attribute mapping cache.
   *
   */



-- 
paul moore
linux security @ hp
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Adrian Bunk

On Mon, Jan 28, 2008 at 05:23:46PM -0500, Paul Moore wrote:
 On Monday 28 January 2008 5:09:38 pm Adrian Bunk wrote:
  This patch fixes a double free (security_netlbl_sid_to_secattr()
  already calls netlbl_secattr_destroy() when it returns !0) introduced
  by commit 45c950e0f839fded922ebc0bfd59b1081cc71b70 and spotted by the
  Coverity checker.
 
 Hi Adrian,

Hi Paul,

 Thanks for finding this mistake, however, I'd rather see it fixed by 
 removing the netlbl_secattr_destroy() call in 
 security_netlbl_sid_to_secattr() as it really shouldn't be there 
 anymore.  We moved the matching _init() call into 
 selinux_netlbl_sock_setsid() and I'd like to see the _init() and 
 _destroy() calls done in the same function.  I can push a revised patch 
 for this if you would prefer, otherwise I'll be happy to ack an updated 
 version ...

doing the patch is trivial but you are able to write a better 
changelog for it - just push a revised patch.

 paul moore

cu
Adrian

-- 

   Is there not promise of rain? Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   Only a promise, Lao Er said.
   Pearl S. Buck - Dragon Seed

--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

2008-01-28 Thread Paul Moore

On Monday 28 January 2008 5:35:40 pm Adrian Bunk wrote:
 On Mon, Jan 28, 2008 at 05:23:46PM -0500, Paul Moore wrote:
  Thanks for finding this mistake, however, I'd rather see it fixed
  by removing the netlbl_secattr_destroy() call in
  security_netlbl_sid_to_secattr() as it really shouldn't be there
  anymore.  We moved the matching _init() call into
  selinux_netlbl_sock_setsid() and I'd like to see the _init() and
  _destroy() calls done in the same function.  I can push a revised
  patch for this if you would prefer, otherwise I'll be happy to ack
  an updated version ...

 doing the patch is trivial but you are able to write a better
 changelog for it - just push a revised patch.

Will do, thanks.

-- 
paul moore
linux security @ hp
--
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

Re: [2.6 patch] security/selinux/netlabel.c: fix double free

6 matches

Site Navigation

Mail list logo

Footer information