Re: [PATCH 1/2] ima: check xattr value length in ima_inode_setxattr()

From: Mimi Zohar
Date: Thu Oct 23 2014 - 23:52:38 EST

Previous message: hujianyang: "Re: [PATCH V5] mtd: ubi: Extend UBI layer debug/messaging capabilities"
In reply to: James Morris: "Re: [PATCH 1/2] ima: check xattr value length in ima_inode_setxattr()"
Next in thread: Dmitry Kasatkin: "[PATCH 2/2] evm: check xattr value length in evm_inode_setxattr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2014-10-24 at 13:55 +1100, James Morris wrote:
> On Thu, 23 Oct 2014, Dmitry Kasatkin wrote:
>
> > ima_inode_setxattr() can be called with no value. Function does not
> > check the length so that following command can be used to produce
> > kernel oops: setfattr -n security.ima FOO. This patch fixes it.
>
> I'd like to see more review/acks on this before sending it to Linus.
>
> Mimi?

This fixes the oops, but a more complete solution would at least test
the first byte, verifying that it is valid. As previously described
http://sourceforge.net/p/linux-ima/mailman/message/32958242/ I think we
can do better than this.

Mimi

>
>
> --
> James Morris
> <jmorris@xxxxxxxxx>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Previous message: hujianyang: "Re: [PATCH V5] mtd: ubi: Extend UBI layer debug/messaging capabilities"
In reply to: James Morris: "Re: [PATCH 1/2] ima: check xattr value length in ima_inode_setxattr()"
Next in thread: Dmitry Kasatkin: "[PATCH 2/2] evm: check xattr value length in evm_inode_setxattr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]