[CentOS-devel] TOMOYO security module in the centosplus kernel
Tetsuo Handa
from-centos at I-love.SAKURA.ne.jp
Thu Dec 29 01:31:21 UTC 2011
Akemi Yagi wrote:
> > Karanbir Singh wrote:
> >> On 10/27/2011 04:57 AM, Tetsuo Handa wrote:
> >> > My apologies. I was misunderstanding. I was assuming that making changes in
> >> > "struct security_operations" breaks the kABI. But it seems it does not.
> >>
> >> excellent, lets do it then.
> >>
> > I see. Created http://bugs.centos.org/view.php?id=5219 for this topic.
>
> As can be seen in that bug report, the centosplus kernel has had
> TOMOYO security module enabled since kernel-2.6.32-131.21.1.el6.
>
> Handa-san, do you think it is a good idea to apply patches [1]
> referenced on the TOMOYO 2.2 page [2]?
Well, nobody has ever hit this race. But if carrying the patch below does not
bother toracat, it is nice to have it applied.
----------
[PATCH] TOMOYO: Fix race on updating profile's comment line.
commit 2a086e5d3a23570735f75b784d29b93068070833 upstream.
tomoyo_save_name() in tomoyo_write_profile() may return NULL.
Therefore,
profile->comment ? profile->comment->name : ""
in tomoyo_read_profile() may race.
Keep the old value rather than replacing it with an empty string when an
out-of-memory error has occurred.
Signed-off-by: Xiaochen Wang <wangxiaochen0 at gmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
---
security/tomoyo/common.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- linux-2.6.32.49.orig/security/tomoyo/common.c
+++ linux-2.6.32.49/security/tomoyo/common.c
@@ -924,7 +924,11 @@ static int tomoyo_write_profile(struct t
return -EINVAL;
*cp = '\0';
if (!strcmp(data, "COMMENT")) {
- profile->comment = tomoyo_save_name(cp + 1);
+ const struct tomoyo_path_info *new_comment
+ = tomoyo_save_name(cp + 1);
+ if (!new_comment)
+ return -ENOMEM;
+ profile->comment = new_comment;
return 0;
}
for (i = 0; i < TOMOYO_MAX_CONTROL_INDEX; i++) {
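Review bot: the fix is only sufficient because `profile->comment` is never written back to NULL once set: the reader's `profile->comment ? profile->comment->name : ""` in tomoyo_read_profile() still runs without any lock visible here, so a short comment on the `if (!new_comment)` branch saying that the old pointer is deliberately kept would record why returning -ENOMEM is enough. It is also worth stating in the commit message that a COMMENT line now fails with -ENOMEM instead of silently clearing the comment, since that is a visible behaviour change for whatever writes the profile.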
----------
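To make the read-side hazard from the commit message concrete, here is an added C model. It is not TOMOYO's code: the struct and function names are simplified stand-ins for struct tomoyo_profile, tomoyo_save_name() and the tomoyo_read_profile() ternary, and a constructed fault-injection flag stands in for the out-of-memory case.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins for struct tomoyo_path_info / tomoyo_profile. */
struct path_info { const char *name; };
struct profile { const struct path_info *comment; };
/* Constructed fault injection: nonzero makes save_name() fail like OOM. */
static int inject_oom;
/* Return value of the most recent failing write in scenario(). */
static int last_rc;
/* Stand-in for tomoyo_save_name(): interns a name (string literals here,
 * stored as-is) and never frees it, so a replaced pointer stays valid. */
static const struct path_info *save_name(const char *s)
{
    static struct path_info pool[8];
    static int used;
    if (inject_oom || used >= 8)
        return NULL;
    pool[used].name = s;
    return &pool[used++];
}
/* Before the patch: a failed save_name() publishes NULL, so a reader that
 * already passed its `comment ?` check can dereference NULL. */
static int write_comment_before(struct profile *p, const char *s)
{
    p->comment = save_name(s);
    return 0;
}
/* After the patch: fail with -ENOMEM and keep the old pointer, so a
 * non-NULL comment is never turned back into NULL under the reader. */
static int write_comment_after(struct profile *p, const char *s)
{
    const struct path_info *new_comment = save_name(s);
    if (!new_comment)
        return -ENOMEM;
    p->comment = new_comment;
    return 0;
}
/* One successful write, then one that hits OOM; returns what the reader
 * (the ternary from tomoyo_read_profile()) sees afterwards. */
static const char *scenario(int (*wr)(struct profile *, const char *))
{
    struct profile p = { NULL };
    wr(&p, "first");
    inject_oom = 1;
    last_rc = wr(&p, "second");
    inject_oom = 0;
    return p.comment ? p.comment->name : "";
}
```

With the pre-patch writer the reader ends up with an empty comment and no error is reported; with the patched writer the failing write returns -ENOMEM and the reader still sees the previous comment.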
Regards.