[PATCH] tomoyo: Don't emit WARNING: string while fuzzing testing.

Dmitry Vyukov dvyukov at google.com
Tue May 7 16:49:54 UTC 2019


From: James Morris <jmorris at namei.org>
Date: Tue, May 7, 2019 at 6:45 PM
To: Tetsuo Handa
Cc: <linux-security-module at vger.kernel.org>, Dmitry Vyukov

> On Tue, 7 May 2019, Tetsuo Handa wrote:
>
> > Commit cff0e6c3ec3e6230 ("tomoyo: Add a kernel config option for fuzzing
> > testing.") enabled the learning mode, and syzbot started crashing by
> > encountering this warning message. Disable this warning if built for
> > fuzzing testing; otherwise syzbot can't start fuzzing testing.
>
> syzbot crashed? Sounds like a bug in syzbot which should be fixed rather
> than this approach.

syzbot did not crash, it detected this as kernel crash.

> > Signed-off-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
> > Cc: Dmitry Vyukov <dvyukov at google.com>
> > ---
> >  security/tomoyo/util.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
> > index 0517cbd..52752e1 100644
> > --- a/security/tomoyo/util.c
> > +++ b/security/tomoyo/util.c
> > @@ -1076,8 +1076,10 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
> >               domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true;
> >               /* r->granted = false; */
> >               tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
> > +#ifndef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
> >               pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
> >                       domain->domainname->name);
> > +#endif
> >       }
> >       return false;
> >  }
> >
>
> --
> James Morris
> <jmorris at namei.org>
>



More information about the Linux-security-module-archive mailing list