| Message ID | 20240223190546.3329966-2-mic@digikod.net |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id
bq27csp788782dyb;
Fri, 23 Feb 2024 11:06:39 -0800 (PST)
X-Forwarded-Encrypted: i=3;
AJvYcCXbsn45dMNyitq68oNvY9R/0a4L/nEWX7c1VsR5tTVbmLVwoZULJ+cTJC08qDWxGCJv23LLf5Cf36xQJ4R1vK7ZkGU/rw==
X-Google-Smtp-Source:
AGHT+IHWJNFCnI8WLK+7SC8XTfU+i7V+g6ko2r8C7h00nAB55vLFSsbmQ6tvHl6A43fig3mB/6uI
X-Received: by 2002:a17:903:1250:b0:1dc:f0e:4e with SMTP id
u16-20020a170903125000b001dc0f0e004emr940753plh.12.1708715199262;
Fri, 23 Feb 2024 11:06:39 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1708715199; cv=pass;
d=google.com; s=arc-20160816;
b=SF0KuN/X0YnSQ1QBGEeAI2KS2fDs/NFOKTvi1dncE4140lLpASvwaOdxJxlJpr5Nf6
NxXVTs/FgbG4ycJ7A5iNvodUgijv6po+Hkf5JW/wO4RiCwm2+CFWfu3BKvuLfOSOgjIV
ne9l/siHdvj1LerJfBR/kIrCgHeHPPGwTEegVW7NkoPjoWEQtqBWfK8+vNZdPZ89HxYM
71j+NL6oWHu1DKQUBPD1DxGSIn8f8QubtScBK+Y+BT4bTFd0Bnb8zH4Rop8u+S6LoApB
tG2gZCvAtQYvMs//c6e3jYs+BsMSvQ7y6nsz1BoNU9aOSALCiuzbRKcFMN8fRfWtNNiw
mEFQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=content-transfer-encoding:mime-version:list-unsubscribe
:list-subscribe:list-id:precedence:references:in-reply-to:message-id
:date:subject:cc:to:from:dkim-signature;
bh=ebNM1jfNxFrGEla+vw6xrGOMJ3r34v4XyT6ZnJpNf/4=;
fh=75p7ccQGuT0xN9vNAOHl1M6SKBcYhJIT9hLFptk3jWg=;
b=bM8zh4M48vs5ki16j4D6uCtxMnnkJLbQB5oJ3nel2N6jDfgSyB6gXyk1aeoJILSR3R
rrh+lX8kDPK+fI9bIMK+/Nj2xaflZxhOt/eBz5z8csICb7Ru5mdyvF/leCEkr8/6EmLZ
xQ+FTebTV3l3l2ZfVzk59kJ2TPd8rTSDY1sQ02cQSxrQxmmpslSVB1rHdFhz3Oqv5MQR
YXyf5vyb7JLXwGkKkfGT+3mVOHZYeAdffrhmTjzGx56etAEPovMWcaynq/OtBvXkU6F7
N51Q04OQcCp0YcZdtUz4ZwvDEhEkTqZs46P84SZm/6O2Ke/4rhDU+2PIr71kcLSvhifO
OCUA==;
dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@digikod.net header.s=20191114 header.b=H9WEYkU4;
arc=pass (i=1 spf=pass spfdomain=digikod.net dkim=pass
dkdomain=digikod.net);
spf=pass (google.com: domain of
linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org designates
139.178.88.99 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org"
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
by mx.google.com with ESMTPS id
lo6-20020a056a003d0600b006e450ba5b04si10890239pfb.6.2024.02.23.11.06.39
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 23 Feb 2024 11:06:39 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org designates
139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
dkim=pass header.i=@digikod.net header.s=20191114 header.b=H9WEYkU4;
arc=pass (i=1 spf=pass spfdomain=digikod.net dkim=pass
dkdomain=digikod.net);
spf=pass (google.com: domain of
linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org designates
139.178.88.99 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-79015-ouuuleilei=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sv.mirrors.kernel.org (Postfix) with ESMTPS id 41BB2287B38
for <ouuuleilei@gmail.com>; Fri, 23 Feb 2024 19:06:28 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 60B431448FE;
Fri, 23 Feb 2024 19:06:12 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (1024-bit key) header.d=digikod.net header.i=@digikod.net
header.b="H9WEYkU4"
Received: from smtp-190e.mail.infomaniak.ch (smtp-190e.mail.infomaniak.ch
[185.125.25.14])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id CA76EEAD2
for <linux-kernel@vger.kernel.org>; Fri, 23 Feb 2024 19:06:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=none smtp.client-ip=185.125.25.14
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1708715169; cv=none;
b=kCmqUTWlQUmmdBJ4xCuCgxVgJRWhMOm7N5ktVvC+SZdi7FDoGH5gO5kJjOONGJU0+I/yR0eCt5ar1XSNg4bV69InUlEh3JxwvJWFmPYdRqowRu/Vtb4mZEzhGQSTLHpZ05slwe3LoWFcJRSJCVtH0TtJaq7Us7ZH0NLG4pfnaII=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1708715169; c=relaxed/simple;
bh=YdGYAHw605VafQ4cjqctlQpaI+zPzB3uwPRkJjOjJFE=;
h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
MIME-Version:Content-Type;
b=oQBkYuzkXENYgvB6tBMAE/1Z2pKhp+Pq6sUv9EI6yas0U74GqkrYrj17BBRMyIcKytSs+GYM1aFWfHysrYOM7qy5HhtYhU9wNxxCIOxsHKbnQLnYqoQPPtQHtrJOUV9GKuj+P/UuHE/ZB+1p9Y7uG6YO+duCmYWFQ0UkB0EecT0=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
dmarc=none (p=none dis=none) header.from=digikod.net;
spf=pass smtp.mailfrom=digikod.net;
dkim=pass (1024-bit key) header.d=digikod.net header.i=@digikod.net
header.b=H9WEYkU4; arc=none smtp.client-ip=185.125.25.14
Authentication-Results: smtp.subspace.kernel.org;
dmarc=none (p=none dis=none) header.from=digikod.net
Authentication-Results: smtp.subspace.kernel.org;
spf=pass smtp.mailfrom=digikod.net
Received: from smtp-3-0001.mail.infomaniak.ch (unknown [10.4.36.108])
by smtp-3-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4ThKGv49QfzMq2xt;
Fri, 23 Feb 2024 20:05:59 +0100 (CET)
Received: from unknown by smtp-3-0001.mail.infomaniak.ch (Postfix) with ESMTPA
id 4ThKGv0pfYzMpnPc;
Fri, 23 Feb 2024 20:05:59 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=digikod.net;
s=20191114; t=1708715159;
bh=YdGYAHw605VafQ4cjqctlQpaI+zPzB3uwPRkJjOjJFE=;
h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
b=H9WEYkU4GyTi79yWNsj+FBBwY2I/Zm9vHlkuL2GG+FniECt0mVFOKqZkNHj7g0SR7
1np3Zpre5uRvuBsKC4mPYJ5qluB+Q7MQHE2a6o6JlD2DBpzYmaKjK/DqFEAQxkf9yy
XQrvusHt5juvdNyRutZawD3xEJfECNx2tvu5UI24=
From: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= <mic@digikod.net>
To: Casey Schaufler <casey@schaufler-ca.com>,
John Johansen <john.johansen@canonical.com>,
Paul Moore <paul@paul-moore.com>
Cc: =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= <mic@digikod.net>,
James Morris <jmorris@namei.org>, "Serge E . Hallyn" <serge@hallyn.com>,
linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org,
stable@vger.kernel.org
Subject: [PATCH 2/2] AppArmor: Fix lsm_get_self_attr()
Date: Fri, 23 Feb 2024 20:05:46 +0100
Message-ID: <20240223190546.3329966-2-mic@digikod.net>
In-Reply-To: <20240223190546.3329966-1-mic@digikod.net>
References: <20240223190546.3329966-1-mic@digikod.net>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Infomaniak-Routing: alpha
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1791717749018098700
X-GMAIL-MSGID: 1791717749018098700
|
| Series |
[1/2] SELinux: Fix lsm_get_self_attr()
|
|
Commit Message
Mickaël Salaün
Feb. 23, 2024, 7:05 p.m. UTC
aa_getprocattr() may not initialize the value's pointer in some case.
As for proc_pid_attr_read(), initialize this pointer to NULL in
apparmor_getselfattr() to avoid an UAF in the kfree() call.
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: John Johansen <john.johansen@canonical.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: stable@vger.kernel.org
Fixes: 223981db9baf ("AppArmor: Add selfattr hooks")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/apparmor/lsm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > aa_getprocattr() may not initialize the value's pointer in some case. > As for proc_pid_attr_read(), initialize this pointer to NULL in > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > Cc: Casey Schaufler <casey@schaufler-ca.com> > Cc: John Johansen <john.johansen@canonical.com> > Cc: Paul Moore <paul@paul-moore.com> > Cc: stable@vger.kernel.org > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > Signed-off-by: Mickaël Salaün <mic@digikod.net> > --- > security/apparmor/lsm.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) If you like John, I can send this up to Linus with the related SELinux fix, I would just need an ACK from you. > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c > index 98e1150bee9d..9a3dcaafb5b1 100644 > --- a/security/apparmor/lsm.c > +++ b/security/apparmor/lsm.c > @@ -784,7 +784,7 @@ static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, > int error = -ENOENT; > struct aa_task_ctx *ctx = task_ctx(current); > struct aa_label *label = NULL; > - char *value; > + char *value = NULL; > > switch (attr) { > case LSM_ATTR_CURRENT: > -- > 2.43.0
On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul@paul-moore.com> wrote: > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > > > aa_getprocattr() may not initialize the value's pointer in some case. > > As for proc_pid_attr_read(), initialize this pointer to NULL in > > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > > > Cc: Casey Schaufler <casey@schaufler-ca.com> > > Cc: John Johansen <john.johansen@canonical.com> > > Cc: Paul Moore <paul@paul-moore.com> > > Cc: stable@vger.kernel.org > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > > --- > > security/apparmor/lsm.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > If you like John, I can send this up to Linus with the related SELinux > fix, I would just need an ACK from you. Reviewed-by: Paul Moore <paul@paul-moore.com> This patch looks good to me, and while we've still got at least two (maybe three?) more weeks before v6.8 is tagged, I think it would be good to get this up to Linus ASAP. I'll hold off for another day, but if we don't see any comment from John I'll go ahead and merge this and send it up to Linus with the SELinux fix; I'm sure John wouldn't be happy if v6.8 went out the door without this fix. > > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c > > index 98e1150bee9d..9a3dcaafb5b1 100644 > > --- a/security/apparmor/lsm.c > > +++ b/security/apparmor/lsm.c > > @@ -784,7 +784,7 @@ static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, > > int error = -ENOENT; > > struct aa_task_ctx *ctx = task_ctx(current); > > struct aa_label *label = NULL; > > - char *value; > > + char *value = NULL; > > > > switch (attr) { > > case LSM_ATTR_CURRENT: > > -- > > 2.43.0
On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul@paul-moore.com> wrote: > On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul@paul-moore.com> wrote: > > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > > > > > aa_getprocattr() may not initialize the value's pointer in some case. > > > As for proc_pid_attr_read(), initialize this pointer to NULL in > > > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > > > > > Cc: Casey Schaufler <casey@schaufler-ca.com> > > > Cc: John Johansen <john.johansen@canonical.com> > > > Cc: Paul Moore <paul@paul-moore.com> > > > Cc: stable@vger.kernel.org > > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > > > --- > > > security/apparmor/lsm.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > If you like John, I can send this up to Linus with the related SELinux > > fix, I would just need an ACK from you. > > Reviewed-by: Paul Moore <paul@paul-moore.com> > > This patch looks good to me, and while we've still got at least two > (maybe three?) more weeks before v6.8 is tagged, I think it would be > good to get this up to Linus ASAP. I'll hold off for another day, but > if we don't see any comment from John I'll go ahead and merge this and > send it up to Linus with the SELinux fix; I'm sure John wouldn't be > happy if v6.8 went out the door without this fix. I just merged this into lsm/stable-6.8 and once the automated build/test has done it's thing and come back clean I'll send this, along with the associated SELinux fix, up to Linus. Thanks all. John, if this commit is problematic please let me know and I'll send a fix or a revert.
On Tue, Feb 27, 2024 at 11:01 AM Paul Moore <paul@paul-moore.com> wrote: > On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul@paul-moore.com> wrote: > > On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul@paul-moore.com> wrote: > > > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > > > > > > > aa_getprocattr() may not initialize the value's pointer in some case. > > > > As for proc_pid_attr_read(), initialize this pointer to NULL in > > > > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > > > > > > > Cc: Casey Schaufler <casey@schaufler-ca.com> > > > > Cc: John Johansen <john.johansen@canonical.com> > > > > Cc: Paul Moore <paul@paul-moore.com> > > > > Cc: stable@vger.kernel.org > > > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > > > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > > > > --- > > > > security/apparmor/lsm.c | 2 +- > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > If you like John, I can send this up to Linus with the related SELinux > > > fix, I would just need an ACK from you. > > > > Reviewed-by: Paul Moore <paul@paul-moore.com> > > > > This patch looks good to me, and while we've still got at least two > > (maybe three?) more weeks before v6.8 is tagged, I think it would be > > good to get this up to Linus ASAP. I'll hold off for another day, but > > if we don't see any comment from John I'll go ahead and merge this and > > send it up to Linus with the SELinux fix; I'm sure John wouldn't be > > happy if v6.8 went out the door without this fix. > > I just merged this into lsm/stable-6.8 and once the automated > build/test has done it's thing and come back clean I'll send this, > along with the associated SELinux fix, up to Linus. Thanks all. In off-list discussions with Mickaël today it was noted that this patch also needs a fixup to the commit description so I've replaced it with the following: "In apparmor_getselfattr() when an invalid AppArmor attribute is requested, or a value hasn't been explicitly set for the requested attribute, the label passed to aa_put_label() is not properly initialized which can cause problems when the pointer value is non-NULL and AppArmor attempts to drop a reference on the bogus label object." I've updated the commit in lsm/stable-6.8 and I'll be sending it to Linus shortly. > John, if this commit is problematic please let me know and I'll send a > fix or a revert.
On Tue, Feb 27, 2024 at 5:09 PM Paul Moore <paul@paul-moore.com> wrote: > On Tue, Feb 27, 2024 at 11:01 AM Paul Moore <paul@paul-moore.com> wrote: > > On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul@paul-moore.com> wrote: > > > On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul@paul-moore.com> wrote: > > > > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > > > > > > > > > aa_getprocattr() may not initialize the value's pointer in some case. > > > > > As for proc_pid_attr_read(), initialize this pointer to NULL in > > > > > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > > > > > > > > > Cc: Casey Schaufler <casey@schaufler-ca.com> > > > > > Cc: John Johansen <john.johansen@canonical.com> > > > > > Cc: Paul Moore <paul@paul-moore.com> > > > > > Cc: stable@vger.kernel.org > > > > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > > > > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > > > > > --- > > > > > security/apparmor/lsm.c | 2 +- > > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > > > If you like John, I can send this up to Linus with the related SELinux > > > > fix, I would just need an ACK from you. > > > > > > Reviewed-by: Paul Moore <paul@paul-moore.com> > > > > > > This patch looks good to me, and while we've still got at least two > > > (maybe three?) more weeks before v6.8 is tagged, I think it would be > > > good to get this up to Linus ASAP. I'll hold off for another day, but > > > if we don't see any comment from John I'll go ahead and merge this and > > > send it up to Linus with the SELinux fix; I'm sure John wouldn't be > > > happy if v6.8 went out the door without this fix. > > > > I just merged this into lsm/stable-6.8 and once the automated > > build/test has done it's thing and come back clean I'll send this, > > along with the associated SELinux fix, up to Linus. Thanks all. > > In off-list discussions with Mickaël today it was noted that this > patch also needs a fixup to the commit description so I've replaced it > with the following: > > "In apparmor_getselfattr() when an invalid AppArmor > attribute is requested, or a value hasn't been explicitly > set for the requested attribute, the label passed to > aa_put_label() is not properly initialized which can cause > problems when the pointer value is non-NULL and AppArmor > attempts to drop a reference on the bogus label object." > > I've updated the commit in lsm/stable-6.8 and I'll be sending it to > Linus shortly. > > > John, if this commit is problematic please let me know and I'll send a > > fix or a revert. I also just realized that both this patch and the SELinux have the stable kernel marking which shouldn't be necessary as the LSM syscalls are only present in the v6.8-rcX kernels. I'm going to drop the stable tagging, but leave the 'Fixes:' tag of course.
On Tue, Feb 27, 2024 at 05:13:58PM -0500, Paul Moore wrote: > On Tue, Feb 27, 2024 at 5:09 PM Paul Moore <paul@paul-moore.com> wrote: > > On Tue, Feb 27, 2024 at 11:01 AM Paul Moore <paul@paul-moore.com> wrote: > > > On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul@paul-moore.com> wrote: > > > > On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul@paul-moore.com> wrote: > > > > > On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic@digikod.net> wrote: > > > > > > > > > > > > aa_getprocattr() may not initialize the value's pointer in some case. > > > > > > As for proc_pid_attr_read(), initialize this pointer to NULL in > > > > > > apparmor_getselfattr() to avoid an UAF in the kfree() call. > > > > > > > > > > > > Cc: Casey Schaufler <casey@schaufler-ca.com> > > > > > > Cc: John Johansen <john.johansen@canonical.com> > > > > > > Cc: Paul Moore <paul@paul-moore.com> > > > > > > Cc: stable@vger.kernel.org > > > > > > Fixes: 223981db9baf ("AppArmor: Add selfattr hooks") > > > > > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > > > > > > --- > > > > > > security/apparmor/lsm.c | 2 +- > > > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > > > > > If you like John, I can send this up to Linus with the related SELinux > > > > > fix, I would just need an ACK from you. > > > > > > > > Reviewed-by: Paul Moore <paul@paul-moore.com> > > > > > > > > This patch looks good to me, and while we've still got at least two > > > > (maybe three?) more weeks before v6.8 is tagged, I think it would be > > > > good to get this up to Linus ASAP. I'll hold off for another day, but > > > > if we don't see any comment from John I'll go ahead and merge this and > > > > send it up to Linus with the SELinux fix; I'm sure John wouldn't be > > > > happy if v6.8 went out the door without this fix. > > > > > > I just merged this into lsm/stable-6.8 and once the automated > > > build/test has done it's thing and come back clean I'll send this, > > > along with the associated SELinux fix, up to Linus. Thanks all. > > > > In off-list discussions with Mickaël today it was noted that this > > patch also needs a fixup to the commit description so I've replaced it > > with the following: > > > > "In apparmor_getselfattr() when an invalid AppArmor > > attribute is requested, or a value hasn't been explicitly > > set for the requested attribute, the label passed to > > aa_put_label() is not properly initialized which can cause > > problems when the pointer value is non-NULL and AppArmor > > attempts to drop a reference on the bogus label object." > > > > I've updated the commit in lsm/stable-6.8 and I'll be sending it to > > Linus shortly. > > > > > John, if this commit is problematic please let me know and I'll send a > > > fix or a revert. > > I also just realized that both this patch and the SELinux have the > stable kernel marking which shouldn't be necessary as the LSM syscalls > are only present in the v6.8-rcX kernels. I'm going to drop the > stable tagging, but leave the 'Fixes:' tag of course. Looks good, thanks! > > -- > paul-moore.com >
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 98e1150bee9d..9a3dcaafb5b1 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -784,7 +784,7 @@ static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, int error = -ENOENT; struct aa_task_ctx *ctx = task_ctx(current); struct aa_label *label = NULL; - char *value; + char *value = NULL; switch (attr) { case LSM_ATTR_CURRENT: