From: Al Viro <viro@ZenIV.linux.org.uk>
To: Eric Paris <eparis@redhat.com>
Cc: Steven Rostedt <rostedt@goodmis.org>,
LKML <linux-kernel@vger.kernel.org>,
Stephen Smalley <sds@tycho.nsa.gov>,
James Morris <james.l.morris@oracle.com>,
Paul Moore <paul@paul-moore.com>,
Andrew Morton <akpm@linux-foundation.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
stable <stable@vger.kernel.org>,
selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org
Subject: Re: [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()
Date: Thu, 9 Jan 2014 22:28:10 +0000 [thread overview]
Message-ID: <20140109222809.GL10323@ZenIV.linux.org.uk> (raw)
In-Reply-To: <1389283545.15209.59.camel@localhost>
On Thu, Jan 09, 2014 at 11:05:45AM -0500, Eric Paris wrote:
> [adding lsm and selinux]
>
> Am I just crazy, or was this bug discussed (and obviously not fixed)
> some time ago?
>
> VFS can still use inodes after security_inode_free_security() was
> called...
Unrelated bug.
> > Assuming the VFS guys say that delaying __destroy_inode() is safe like
> > that, I like it better. It also means that this is fixed for all LSMs,
> > not just SELinux...
Recall what your own code called from __destroy_inode() (fsnotify horrors)
is doing - you can't grab a mutex from RCU callback...
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@ZenIV.linux.org.uk>
To: Eric Paris <eparis@redhat.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
linux-security-module@vger.kernel.org,
stable <stable@vger.kernel.org>,
James Morris <james.l.morris@oracle.com>,
Andrew Morton <akpm@linux-foundation.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
selinux@tycho.nsa.gov
Subject: Re: [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()
Date: Thu, 9 Jan 2014 22:28:10 +0000 [thread overview]
Message-ID: <20140109222809.GL10323@ZenIV.linux.org.uk> (raw)
In-Reply-To: <1389283545.15209.59.camel@localhost>
On Thu, Jan 09, 2014 at 11:05:45AM -0500, Eric Paris wrote:
> [adding lsm and selinux]
>
> Am I just crazy, or was this bug discussed (and obviously not fixed)
> some time ago?
>
> VFS can still use inodes after security_inode_free_security() was
> called...
Unrelated bug.
> > Assuming the VFS guys say that delaying __destroy_inode() is safe like
> > that, I like it better. It also means that this is fixed for all LSMs,
> > not just SELinux...
Recall what your own code called from __destroy_inode() (fsnotify horrors)
is doing - you can't grab a mutex from RCU callback...
next prev parent reply other threads:[~2014-01-09 22:28 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-09 15:19 [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() Steven Rostedt
2014-01-09 15:31 ` Eric Paris
2014-01-09 15:51 ` Steven Rostedt
2014-01-09 15:57 ` Eric Paris
2014-01-09 16:05 ` Eric Paris
2014-01-09 16:05 ` Eric Paris
2014-01-09 16:10 ` Stephen Smalley
2014-01-09 16:10 ` Stephen Smalley
2014-01-09 16:22 ` Steven Rostedt
2014-01-09 16:22 ` Steven Rostedt
2014-01-09 16:25 ` Eric Paris
2014-01-09 16:25 ` Eric Paris
2014-01-09 20:20 ` Mimi Zohar
2014-01-09 20:20 ` Mimi Zohar
2014-01-09 20:24 ` Eric Paris
2014-01-09 20:24 ` Eric Paris
2014-01-09 22:28 ` Al Viro [this message]
2014-01-09 22:28 ` Al Viro
2014-01-09 22:17 ` Al Viro
2014-01-09 22:13 ` Al Viro
2014-01-09 22:18 ` Eric Paris
2014-01-09 22:25 ` Al Viro
2014-01-09 22:45 ` Eric Paris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140109222809.GL10323@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=akpm@linux-foundation.org \
--cc=eparis@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=rostedt@goodmis.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.