Looks like issue in handling active_nodes count in 4.19 kernel.
Stephen Smalley
sds at tycho.nsa.gov
Thu Dec 19 16:00:24 UTC 2019
On 12/19/19 4:48 AM, Ravi Kumar Siddojigari wrote:
> Sorry, re-adding the patch below as requested.
>
> Stephen,
> Issue is fixed with these 2 changes. Issue was even reproduced on v4.14 and similar changes work there also.
It would be preferable if you sent the patch directly via git send-email
or similar. In any event, for the final version, we should drop the
Change-Id because it is Android-specific and we should add a Fixes line
like so:
Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls")
Given the behavior you are describing and the fact that you could
reproduce it on v4.14 as well, I would recommend marking both it and
Paul's earlier patch for stable (Paul will do this if he agrees; no
action required by you).
>
> --
> From 77c618006397c7a65ead257f3cb4e4fe3da2d4b8 Mon Sep 17 00:00:00 2001
> From: Jaihind Yadav <jaihindyadav at codeaurora.org>
> Date: Tue, 17 Dec 2019 17:25:47 +0530
> Subject: [PATCH] selinux: ensure we cleanup the internal AVC counters on error
> in avc_update()
>
> In AVC update we don't call avc_node_kill() when avc_xperms_populate()
> fails, resulting in the avc->avc_cache.active_nodes counter having a
> false value. In the last patch this change was missed, so correcting it.
>
> Change-Id: Ic0298162cc766c0f21be7ab232e259766654dad3
> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji at codeaurora.org>
> ---
> security/selinux/avc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/avc.c b/security/selinux/avc.c
> index 91d24c2..3d1cff2 100644
> --- a/security/selinux/avc.c
> +++ b/security/selinux/avc.c
> @@ -913,7 +913,7 @@ static int avc_update_node(struct selinux_avc *avc,
> if (orig->ae.xp_node) {
> rc = avc_xperms_populate(node, orig->ae.xp_node);
> if (rc) {
> - kmem_cache_free(avc_node_cachep, node);
> + avc_node_kill(avc, node);
> goto out_unlock;
> }
> }
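Review bot: the commit message's "In the last patch this change was missed" does not identify which patch it refers to, so a reader of the git log cannot tell what this follows up on; name the earlier commit in the message, drop the Android-specific Change-Id line, and carry a Fixes: tag for the commit that introduced the extended-permissions path, as already requested upstream. The hunk itself is the right shape: on the avc_xperms_populate() failure path a bare kmem_cache_free() released the node without touching avc->avc_cache.active_nodes, whereas avc_node_kill() frees the node and adjusts the counter together, so the count can no longer drift on this error path. Before merging it is worth grepping avc.c once for any remaining kmem_cache_free(avc_node_cachep, ...) call on an error path after the node was counted, so that no other site is left with the same imbalance.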
> --
> 1.9.1
>
> Br,
>