| Message ID | 1381242218-24314-1-git-send-email-tim.gardner@canonical.com |
|---|---|
| State | New |
| Headers | show |
Tim Gardner <tim.gardner@canonical.com> writes: > From: "Passion,Zhao" <passion.zhao@intel.com> > > BugLink: http://bugs.launchpad.net/bugs/1236743 > > Bug report: https://tizendev.org/bugs/browse/TDIS-3891 > > The reason is userspace libsmack only use "smackfs/cipso2" long-label interface, > but the code's logical is still for orginal fixed length label. Now update > smack_cipso_apply() to support flexible label (<=256 including tailing '\0') > > There is also a bug in kernel/security/smack/smackfs.c: > When smk_set_cipso() parsing the CIPSO setting from userspace, the offset of > CIPSO level should be "strlen(label)+1" instead of "strlen(label)" > > Signed-off-by: Passion,Zhao <passion.zhao@intel.com> > (cherry picked from commit 0fcfee61d63b82c1eefb5b1a914240480f17d63f) > Signed-off-by: Tim Gardner <tim.gardner@canonical.com> > --- > > This seems like a good candidate for stable 3.5 - 3.10 Yep, I'm queuing it for 3.5. Thanks. Cheers,
On Tue, Oct 08, 2013 at 08:23:38AM -0600, Tim Gardner wrote: > From: "Passion,Zhao" <passion.zhao@intel.com> > > BugLink: http://bugs.launchpad.net/bugs/1236743 > > Bug report: https://tizendev.org/bugs/browse/TDIS-3891 > > The reason is userspace libsmack only use "smackfs/cipso2" long-label interface, > but the code's logical is still for orginal fixed length label. Now update > smack_cipso_apply() to support flexible label (<=256 including tailing '\0') > > There is also a bug in kernel/security/smack/smackfs.c: > When smk_set_cipso() parsing the CIPSO setting from userspace, the offset of > CIPSO level should be "strlen(label)+1" instead of "strlen(label)" > > Signed-off-by: Passion,Zhao <passion.zhao@intel.com> > (cherry picked from commit 0fcfee61d63b82c1eefb5b1a914240480f17d63f) > Signed-off-by: Tim Gardner <tim.gardner@canonical.com> > --- > > This seems like a good candidate for stable 3.5 - 3.10 > > security/smack/smackfs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c > index 76a5dca..c4fe705 100644 > --- a/security/smack/smackfs.c > +++ b/security/smack/smackfs.c > @@ -818,7 +818,7 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf, > if (format == SMK_FIXED24_FMT) > rule += SMK_LABELLEN; > else > - rule += strlen(skp->smk_known); > + rule += strlen(skp->smk_known) + 1; > > ret = sscanf(rule, "%d", &maplevel); > if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL) Looks to make sense, else we will also sscanf against the \0 of the string in the variable case. Acked-by: Andy Whitcroft <apw@canonical.com> -apw
Applied to Quantal and Raring. -apw
On Tue, 2013-10-08 at 08:23 -0600, Tim Gardner wrote: > From: "Passion,Zhao" <passion.zhao@intel.com> > > BugLink: http://bugs.launchpad.net/bugs/1236743 > > Bug report: https://tizendev.org/bugs/browse/TDIS-3891 > > The reason is userspace libsmack only use "smackfs/cipso2" long-label interface, > but the code's logical is still for orginal fixed length label. Now update > smack_cipso_apply() to support flexible label (<=256 including tailing '\0') > > There is also a bug in kernel/security/smack/smackfs.c: > When smk_set_cipso() parsing the CIPSO setting from userspace, the offset of > CIPSO level should be "strlen(label)+1" instead of "strlen(label)" > > Signed-off-by: Passion,Zhao <passion.zhao@intel.com> > (cherry picked from commit 0fcfee61d63b82c1eefb5b1a914240480f17d63f) > Signed-off-by: Tim Gardner <tim.gardner@canonical.com> > --- > > This seems like a good candidate for stable 3.5 - 3.10 Thanks Tim ... queued for 3.8-stable. -Kamal > security/smack/smackfs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c > index 76a5dca..c4fe705 100644 > --- a/security/smack/smackfs.c > +++ b/security/smack/smackfs.c > @@ -818,7 +818,7 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf, > if (format == SMK_FIXED24_FMT) > rule += SMK_LABELLEN; > else > - rule += strlen(skp->smk_known); > + rule += strlen(skp->smk_known) + 1; > > ret = sscanf(rule, "%d", &maplevel); > if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL) > -- > 1.7.9.5 > >
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 76a5dca..c4fe705 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -818,7 +818,7 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf, if (format == SMK_FIXED24_FMT) rule += SMK_LABELLEN; else - rule += strlen(skp->smk_known); + rule += strlen(skp->smk_known) + 1; ret = sscanf(rule, "%d", &maplevel); if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)