[PATCH v2] general protection fault in sock_has_perm
Greg KH
gregkh at linuxfoundation.org
Thu Feb 1 17:04:47 UTC 2018
On Thu, Feb 01, 2018 at 08:20:13AM -0800, Mark Salyzyn wrote:
> On 02/01/2018 08:00 AM, Paul Moore wrote:
> > On Thu, Feb 1, 2018 at 10:37 AM, Mark Salyzyn <salyzyn at android.com> wrote:
> > > In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket
> > > flag") and all the associated infrastructure changes to take advantage
> > > of a RCU grace period before freeing, there is a heightened
> > > possibility that a security check is performed while an ill-timed
> > > setsockopt call races in from user space. It then is prudent to null
> > > check sk_security, and if the case, reject the permissions.
> > >
> > > . . .
> > > ---[ end trace 7b5aaf788fef6174 ]---
> > >
> > > Signed-off-by: Mark Salyzyn <salyzyn at android.com>
> > > Signed-off-by: Paul Moore <paul at linuxfoundation.org>
> > No, in the previous thread I gave my ack, not my sign-off; please be
> > more careful in the future. It may seem silly, especially in this
> > particular case, but it is an important distinction when things like
> > the DCO are concerned.
> >
> > Anyway, here is my ack again.
> >
> > Acked-by: Paul Moore <paul at paul-moore.com>
> >
> Ok, both Greg KH and yours should be considered Acked-By. Been overstepping
> this boundary for _years_. AFAIK Signed-off-by is still pending from Stephen
> Smalley <sds at tycho.nsa.gov> before this can roll in.
An ack is all I need here, or I can just rely on Paul's :)
I'll edit up Paul's when I apply this.
thanks,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list