[PATCH v2] lsm: check size of writes
Paul Moore
paul at paul-moore.com
Sun Jan 5 03:49:15 UTC 2025
On Wed, Dec 18, 2024 at 4:51 PM Paul Moore <paul at paul-moore.com> wrote:
> On Tue, Dec 17, 2024 at 1:27 PM Leo Stone <leocstone at gmail.com> wrote:
> >
> > syzbot attempts to write a buffer with a large size to a sysfs entry
> > with writes handled by handle_policy_update(), triggering a warning
> > in kmalloc.
> >
> > Check the size specified for write buffers before allocating.
> >
> > Reported-by: syzbot+4eb7a741b3216020043a at syzkaller.appspotmail.com
> > Closes: https://syzkaller.appspot.com/bug?extid=4eb7a741b3216020043a
> > Signed-off-by: Leo Stone <leocstone at gmail.com>
> > ---
> > v2: Make the check in handle_policy_update() to also cover
> > safesetid_uid_file_write(). Thanks for your feedback.
> > v1: https://lore.kernel.org/all/20241216030213.246804-2-leocstone@gmail.com/
> > ---
> > security/safesetid/securityfs.c | 3 +++
> > 1 file changed, 3 insertions(+)
>
> Looks okay to me. Micah, are you planning to merge this patch, or
> would you like me to take it via the LSM tree?
>
> Reviewed-by: Paul Moore <paul at paul-moore.com>
>
> I'm going to tag this to come back to it in a week or so in case we
> don't hear from Micah, but if you don't see any further replies Leo,
> feel free to send a gentle nudge ;)
I'm going to go ahead and merge this into lsm/dev, if Micah has a
problem with that I can always remove/revert if needed.
We may need to revisit safesetid's documented support status, but
that's a topic for another day.
Thanks everyone.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list