[PATCH v2] lsm: check size of writes
Paul Moore
paul at paul-moore.com
Sun Jan 5 03:51:43 UTC 2025
On Sat, Dec 21, 2024 at 5:01 AM Tetsuo Handa
<penguin-kernel at i-love.sakura.ne.jp> wrote:
> On 2024/12/19 6:51, Paul Moore wrote:
> > On Tue, Dec 17, 2024 at 1:27 PM Leo Stone <leocstone at gmail.com> wrote:
> >>
> >> syzbot attempts to write a buffer with a large size to a sysfs entry
> >> with writes handled by handle_policy_update(), triggering a warning
> >> in kmalloc.
> >>
> >> Check the size specified for write buffers before allocating.
> >>
> >> Reported-by: syzbot+4eb7a741b3216020043a at syzkaller.appspotmail.com
> >> Closes: https://syzkaller.appspot.com/bug?extid=4eb7a741b3216020043a
> >> Signed-off-by: Leo Stone <leocstone at gmail.com>
> >> ---
> >> v2: Make the check in handle_policy_update() to also cover
> >> safesetid_uid_file_write(). Thanks for your feedback.
> >> v1: https://lore.kernel.org/all/20241216030213.246804-2-leocstone@gmail.com/
> >> ---
> >> security/safesetid/securityfs.c | 3 +++
> >> 1 file changed, 3 insertions(+)
> >
> > Looks okay to me. Micah, are you planning to merge this patch, or
> > would you like me to take it via the LSM tree?
> >
> > Reviewed-by: Paul Moore <paul at paul-moore.com>
> >
> > I'm going to tag this to come back to it in a week or so in case we
> > don't hear from Micah, but if you don't see any further replies Leo,
> > feel free to send a gentle nudge ;)
>
> FYI: I sent
>
> https://lkml.kernel.org/r/014cd694-cc27-4a07-a34a-2ae95d744515@I-love.SAKURA.ne.jp
>
> which makes this patch redundant if my patch is accepted.
Sure, but this patch is trivial, and there is no way the
KMALLOC_MAX_SIZE is limiting any normal use of safesetid so it seems
safe to apply now. We can always revisit this change in the future
depending on how the rest of the kernel changes.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list