Steven Allen wrote:
> In Tomoyo 2.5 (kernel 3.2.1) I am unable to add ACLs for sockets with
> null characters as per:
> http://tomoyo.sourceforge.jp/2.5/policy-specification/domain-policy-syntax.html.en
> 
> Nothing happens when I add them through tomoyo-editpolicy. If I manually
> add them to the domain policy, they are removed on load. Using \?
> instead of \000 works. Policy violations involving \000 are correctly
> logged.
> 
> The ACL in question:
> network unix stream connect \000/tmp/.X11-unix/X\$
> 
Thank you for catching this bug. I found the following difference between
http://tomoyo.sourceforge.jp/cgi-bin/lxr/ident?i=ccs_correct_word2 and
http://tomoyo.sourceforge.jp/cgi-bin/lxr/ident?i=tomoyo_correct_word2 .

The patch below should fix this bug. (If the patch works, please reply to
[email protected], because I have been unable to send mails to or receive mails from
the vger.kernel.org domain due to an unknown problem since 05 Jan 2012 17:20 GMT.)
----------------------------------------
[PATCH] TOMOYO: Accept \000 as a valid character.

TOMOYO 2.5 in Linux 3.2 and later handles Unix domain socket addresses.
Thus, tomoyo_correct_word2() needs to accept \000 as a valid character, or
TOMOYO 2.5 cannot handle Unix domain abstract socket addresses.

Reported-by: Steven Allen <[email protected]>
Signed-off-by: Tetsuo Handa <[email protected]>
CC: [email protected] [3.2+]
----------
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 4a9b4b2..867558c 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -492,13 +492,13 @@ static bool tomoyo_correct_word2(const char *string, 
size_t len)
                                if (d < '0' || d > '7' || e < '0' || e > '7')
                                        break;
                                c = tomoyo_make_byte(c, d, e);
-                               if (tomoyo_invalid(c))
-                                       continue; /* pattern is not \000 */
+                               if (c <= ' ' || c >= 127)
+                                       continue;
                        }
                        goto out;
                } else if (in_repetition && c == '/') {
                        goto out;
-               } else if (tomoyo_invalid(c)) {
+               } else if (c <= ' ' || c >= 127) {
                        goto out;
                }
        }
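Review bot: the octal branch now open-codes `c <= ' ' || c >= 127` and drops the `/* pattern is not \000 */` comment, so nothing in the hunk records why tomoyo_invalid() was no longer suitable; since the same expression appears twice, a one-line comment at the first use (or a small static helper) stating that, unlike tomoyo_invalid(), this range deliberately classifies \000 as a byte that must be octal-escaped would keep the next reader from "simplifying" it back. The hunk does not show the declaration of `c`; if it is a plain `char`, bytes above 127 are negative and are caught by `c <= ' '` rather than by `c >= 127`, which still works but deserves either a note or an `unsigned char`.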

_______________________________________________
tomoyo-users-en mailing list
[email protected]
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
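Added example, not the kernel's code and not part of this thread: a standalone model of the policy-word validator the patch touches, written so the before and after predicates can be run side by side on the ACL from the report. All model_* names are assumptions chosen for this example; model_invalid_before is my reading of the pre-patch predicate (it does not count NUL as invalid, so "\000" decodes to a byte the octal branch then refuses), and model_invalid_after is the open-coded range from the patch. The rest of the structure follows the shape visible in the hunk: a backslash introduces either a wildcard, a repetition brace, or three octal digits, and an octal-escaped byte is accepted only when it is non-printable.

```c
/* Added example: model of a TOMOYO-style policy-word check. Not kernel code;
 * model_* helpers are assumptions for this illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed to behave like tomoyo_make_byte(): three octal digits -> one byte. */
static unsigned char model_make_byte(unsigned char c, unsigned char d, unsigned char e)
{
    return (unsigned char)(((c - '0') << 6) | ((d - '0') << 3) | (e - '0'));
}

/* Assumption: the pre-patch predicate, which treats NUL as "not invalid". */
static bool model_invalid_before(unsigned char c)
{
    return c && (c <= ' ' || c >= 127);
}

/* The open-coded range from the patch: NUL is now in the escapable set. */
static bool model_invalid_after(unsigned char c)
{
    return c <= ' ' || c >= 127;
}

/* Returns true when string[0..len) is a well-formed policy word. */
static bool model_correct_word(const char *string, size_t len,
                               bool (*invalid)(unsigned char))
{
    bool in_repetition = false;

    if (!len)
        return false;
    while (len--) {
        unsigned char c = (unsigned char)*string++;

        if (c == '\\') {
            unsigned char d, e;

            if (!len--)
                return false;           /* trailing backslash */
            c = (unsigned char)*string++;
            switch (c) {
            case '\\':                  /* escaped backslash */
            case '$': case '+': case '?': case '*':
            case '@': case 'x': case 'X': case 'a':
            case 'A': case '-':         /* wildcards */
                continue;
            case '{':                   /* start of a repetition group */
                if (in_repetition)
                    return false;
                in_repetition = true;
                continue;
            case '}':                   /* end of a repetition group */
                if (!in_repetition)
                    return false;
                in_repetition = false;
                continue;
            case '0': case '1': case '2': case '3':
                if (len < 2)
                    return false;
                len -= 2;
                d = (unsigned char)*string++;
                e = (unsigned char)*string++;
                if (d < '0' || d > '7' || e < '0' || e > '7')
                    break;
                c = model_make_byte(c, d, e);
                if (invalid(c))
                    continue;           /* non-printable bytes must be escaped */
                break;                  /* printable bytes must not be escaped */
            }
            return false;
        } else if (in_repetition && c == '/') {
            return false;               /* no '/' inside a repetition group */
        } else if (invalid(c)) {
            return false;               /* raw control or non-ASCII byte */
        }
    }
    return !in_repetition;
}

bool model_word_ok_before(const char *word)
{
    return model_correct_word(word, strlen(word), model_invalid_before);
}

bool model_word_ok_after(const char *word)
{
    return model_correct_word(word, strlen(word), model_invalid_after);
}

int main(void)
{
    /* Constructed input: the abstract-socket address from the report. */
    const char *acl = "\\000/tmp/.X11-unix/X\\$";

    printf("before patch: %s\n", model_word_ok_before(acl) ? "accepted" : "rejected");
    printf("after patch:  %s\n", model_word_ok_after(acl) ? "accepted" : "rejected");
    return 0;
}
```

Running it shows the report's symptom: the same word is rejected by the pre-patch predicate and accepted once NUL is in the escapable range, while "\?" in place of "\000" passes both. The check also keeps rejecting escaped printable bytes such as "\101", so the fix widens the set of escapable bytes by exactly the one the abstract namespace needs.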
