[PATCH v2] tomoyo: Don't check open/getattr permission on sockets.
Tetsuo Handa
penguin-kernel at i-love.sakura.ne.jp
Thu Nov 21 13:59:48 UTC 2019
On 2019/11/21 19:18, Tetsuo Handa wrote:
> On 2019/11/21 16:21, James Morris wrote:
>> On Wed, 13 Nov 2019, Tetsuo Handa wrote:
>>
>>> Hello, Andrew and James.
>>>
>>> I have difficulty setting up environments for sending pull request to linux.git
>>> (nobody around me knows Linux kernel maintainer's workflow at the command line level).
>>> Can you pick up the following commit via mmotm or linux-security.git tree?
>>
>> Not sure if your fix is complete.
>>
>> Are there other potential paths to trigger this via tomoyo_path_perm() ?
>>
>> e.g. call unlink(2) on /proc/pid/fd/sockfd
>
> I think they are safe. For example, unlink(2) checks that
> inode is valid before calling security_path_unlink().
Hmm, since unlink(2) locks parent's inode instead of inode to be removed itself,
there is indeed possibility that tomoyo_path_perm() races with __sock_release().
We need another patch...
More information about the Linux-security-module-archive
mailing list