Re: [PATCH v2] tomoyo: Don't check open/getattr permission on sockets.

From: Tetsuo Handa
Date: Thu Aug 22 2019 - 09:44:27 EST

Next message: Rahul Tanwar: "[PATCH v1 0/2] x86/rtc: Add option to skip using RTC"
Previous message: Guennadi Liakhovetski: "Re: [RFC PATCH 4/5] ASoC: SOF: Intel: hda: add SoundWire stream config/free callbacks"
In reply to: Eric Biggers: "Re: [PATCH v2] tomoyo: Don't check open/getattr permission on sockets."
Next in thread: Eric Biggers: "Re: [PATCH v2] tomoyo: Don't check open/getattr permission on sockets."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Eric Biggers wrote:
> On Thu, Aug 22, 2019 at 03:55:31PM +0900, Tetsuo Handa wrote:
> > > Also, isn't the same bug in other places too?:
> > >
> > > - tomoyo_path_chmod()
> > > - tomoyo_path_chown()
> > > - smack_inode_getsecurity()
> > > - smack_inode_setsecurity()
> >
> > What's the bug? The file descriptor returned by open(O_PATH) cannot be
> > passed to read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), mmap(2) etc.
> >
>
> chmod(2), chown(2), getxattr(2), and setxattr(2) take a path, not a fd.
>

OK. Then, is the correct fix

inode_lock(inode);
if (SOCKET_I(inode)->sk) {
// Can access SOCKET_I(sock)->sk->*
} else {
// Already close()d. Don't touch.
}
inode_unlock(inode);

thanks to

commit 6d8c50dcb029872b ("socket: close race condition between sock_close() and sockfs_setattr()")
commit ff7b11aa481f682e ("net: socket: set sock->sk to NULL after calling proto_ops::release()")

changes?

Next message: Rahul Tanwar: "[PATCH v1 0/2] x86/rtc: Add option to skip using RTC"
Previous message: Guennadi Liakhovetski: "Re: [RFC PATCH 4/5] ASoC: SOF: Intel: hda: add SoundWire stream config/free callbacks"
In reply to: Eric Biggers: "Re: [PATCH v2] tomoyo: Don't check open/getattr permission on sockets."
Next in thread: Eric Biggers: "Re: [PATCH v2] tomoyo: Don't check open/getattr permission on sockets."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]