[PATCH v2] general protection fault in sock_has_perm
Mark Salyzyn
salyzyn at android.com
Thu Feb 1 16:20:13 UTC 2018
On 02/01/2018 08:00 AM, Paul Moore wrote:
> On Thu, Feb 1, 2018 at 10:37 AM, Mark Salyzyn <salyzyn at android.com> wrote:
>> In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket
>> flag") and all the associated infrastructure changes to take advantage
>> of a RCU grace period before freeing, there is a heightened
>> possibility that a security check is performed while an ill-timed
>> setsockopt call races in from user space. It then is prudent to null
>> check sk_security, and if the case, reject the permissions.
>>
>> . . .
>> ---[ end trace 7b5aaf788fef6174 ]---
>>
>> Signed-off-by: Mark Salyzyn <salyzyn at android.com>
>> Signed-off-by: Paul Moore <paul at linuxfoundation.org>
> No, in the previous thread I gave my ack, not my sign-off; please be
> more careful in the future. It may seem silly, especially in this
> particular case, but it is an important distinction when things like
> the DCO are concerned.
>
> Anyway, here is my ack again.
>
> Acked-by: Paul Moore <paul at paul-moore.com>
>
Ok, both Greg KH and yours should be considered Acked-By. Been
overstepping this boundary for _years_. AFAIK Signed-off-by is still
pending from Stephen Smalley <sds at tycho.nsa.gov> before this can roll in.
Lesson lurned
-- Mark
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list