sleep in selinux_audit_rule_init

Mimi Zohar zohar at linux.ibm.com
Wed May 22 13:00:22 UTC 2019
On Wed, 2019-05-22 at 08:41 -0400, Stephen Smalley wrote:
> Another potentially worrisome aspect of the current 
> ima_lsm_update_rules() logic is that it does a BUG_ON() if the attempt 
> to update the rule fails, which could occur if e.g. one had an IMA 
> policy rule based on a given domain/type and that domain/type were 
> removed from policy (e.g. via policy module removal).  Contrast with the 
> handling in audit_dupe_lsm_field().  The existing ima_lsm_update_rules() 
> logic could also yield a BUG_ON upon transient memory allocation failure.

The original design was based on the assumption that SELinux labels
could not be removed, only new ones could be added.  Sounds like that
isn't the case any longer.

Mimi
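The failure mode Stephen describes, as an added illustration that is not code from this thread or from the kernel: a user-space model of an IMA rule whose LSM label stops resolving after the type is removed from policy. Instead of a BUG_ON, the update keeps the rule around unresolved (a simplified version of what audit_dupe_lsm_field() does for -EINVAL, as I understand it) and only propagates other errors such as -ENOMEM. Every name here (model_*, ima_update_rule_tolerant, ima_rule_matches, the type table) is constructed for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the set of SELinux types currently loaded. */
#define MAX_TYPES 8
static const char *loaded_types[MAX_TYPES] = { "sshd_t", "httpd_t", "init_t" };
static int n_loaded_types = 3;

/* Remove a type from the model policy, as a policy module removal would. */
void model_remove_type(const char *name)
{
    for (int i = 0; i < n_loaded_types; i++)
        if (strcmp(loaded_types[i], name) == 0)
            loaded_types[i] = loaded_types[--n_loaded_types];
}

/* Re-add a type, as a later policy reload would. */
void model_add_type(const char *name)
{
    if (n_loaded_types < MAX_TYPES)
        loaded_types[n_loaded_types++] = name;
}

struct ima_rule_model {
    const char *lsm_str; /* label text from the IMA policy rule */
    int resolved;        /* nonzero once the label resolves against loaded policy */
};

/* Stand-in for security_audit_rule_init(): -EINVAL when the label is unknown. */
static int rule_init_model(const char *lsm_str)
{
    for (int i = 0; i < n_loaded_types; i++)
        if (strcmp(loaded_types[i], lsm_str) == 0)
            return 0;
    return -EINVAL;
}

/* Tolerant update: an unresolvable label is kept (it may become valid again
 * after a policy reload) rather than treated as fatal; other errors propagate. */
int ima_update_rule_tolerant(struct ima_rule_model *r)
{
    int ret = rule_init_model(r->lsm_str);
    r->resolved = (ret == 0);
    if (ret == -EINVAL) {
        fprintf(stderr, "warning: IMA rule label '%s' not in loaded policy\n", r->lsm_str);
        return 0;
    }
    return ret;
}

/* An unresolved rule matches nothing until policy provides the label again. */
int ima_rule_matches(const struct ima_rule_model *r, const char *subject_type)
{
    return r->resolved && strcmp(r->lsm_str, subject_type) == 0;
}

struct ima_rule_model demo_rule = { "httpd_t", 0 }; /* constructed sample rule */
```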
