[PATCH 69/90] LSM: Use full security context in security_inode_setsecctx

Casey Schaufler casey at schaufler-ca.com
Mon Apr 22 20:45:10 UTC 2019


On 4/22/2019 6:13 AM, Tetsuo Handa wrote:
> On 2019/04/19 9:45, Casey Schaufler wrote:
>> +	hlist_for_each_entry(hp, &security_hook_heads.inode_setsecctx, list) {
>> +		if (strncmp(ctx, hp->lsm, strlen(hp->lsm))) {
>> +			WARN_ONCE(1, "security_inode_setsecctx form1 error\n");
>> +			rc = -EINVAL;
>> +			break;
>> +		}
> Will you avoid using WARN*() ?
> Since syzbot tests using panic_on_warn == 1, this WARN_ONCE() will act as panic().

If syzbot hits any of the WARN_ONCE()s in security_inode_setsecctx()
I want it to panic and generate a report. A badly formatted inode secctx
would indicate that kernfs isn't getting the string from
security_inode_getsecctx() or that it is getting corrupted somehow. In
either case, it would be a bug that needs fixing. I used WARN instead of
BUG for the kernfs people, who might break something by accident.

If there's a strong objection to WARN_ONCE() in general, I can pull it.
  



More information about the Linux-security-module-archive mailing list