From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Eric Paris <eparis@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>,
Alexander Viro <viro@zeniv.linux.org.uk>,
LKML <linux-kernel@vger.kernel.org>,
James Morris <james.l.morris@oracle.com>,
Paul Moore <paul@paul-moore.com>,
Andrew Morton <akpm@linux-foundation.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
stable <stable@vger.kernel.org>,
selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org
Subject: Re: [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()
Date: Thu, 09 Jan 2014 15:20:51 -0500 [thread overview]
Message-ID: <1389298851.15186.57.camel@dhcp-9-2-203-236.watson.ibm.com> (raw)
In-Reply-To: <52CEC9DD.4000901@tycho.nsa.gov>
On Thu, 2014-01-09 at 11:10 -0500, Stephen Smalley wrote:
> On 01/09/2014 11:05 AM, Eric Paris wrote:
> > [adding lsm and selinux]
> >
> > Am I just crazy, or was this bug discussed (and obviously not fixed)
> > some time ago?
> >
> > VFS can still use inodes after security_inode_free_security() was
> > called...
>
> I didn't know that was the case; originally when we added the hook it
> was not possible. I have seen a Red Hat bugzilla report about it,
> but no upstream discussion.
For those of us that don't have access to the RH bugzilla, can someone
please summarize the problem?
thanks,
Mimi
WARNING: multiple messages have this Message-ID (diff)
From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: LKML <linux-kernel@vger.kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
linux-security-module@vger.kernel.org,
Eric Paris <eparis@redhat.com>,
James Morris <james.l.morris@oracle.com>,
stable <stable@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
selinux@tycho.nsa.gov, Alexander Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()
Date: Thu, 09 Jan 2014 15:20:51 -0500 [thread overview]
Message-ID: <1389298851.15186.57.camel@dhcp-9-2-203-236.watson.ibm.com> (raw)
In-Reply-To: <52CEC9DD.4000901@tycho.nsa.gov>
On Thu, 2014-01-09 at 11:10 -0500, Stephen Smalley wrote:
> On 01/09/2014 11:05 AM, Eric Paris wrote:
> > [adding lsm and selinux]
> >
> > Am I just crazy, or was this bug discussed (and obviously not fixed)
> > some time ago?
> >
> > VFS can still use inodes after security_inode_free_security() was
> > called...
>
> I didn't know that was the case; originally when we added the hook it
> was not possible. I have seen a Red Hat bugzilla report about it,
> but no upstream discussion.
For those of us that don't have access to the RH bugzilla, can someone
please summarize the problem?
thanks,
Mimi
next prev parent reply other threads:[~2014-01-09 20:21 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-09 15:19 [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() Steven Rostedt
2014-01-09 15:31 ` Eric Paris
2014-01-09 15:51 ` Steven Rostedt
2014-01-09 15:57 ` Eric Paris
2014-01-09 16:05 ` Eric Paris
2014-01-09 16:05 ` Eric Paris
2014-01-09 16:10 ` Stephen Smalley
2014-01-09 16:10 ` Stephen Smalley
2014-01-09 16:22 ` Steven Rostedt
2014-01-09 16:22 ` Steven Rostedt
2014-01-09 16:25 ` Eric Paris
2014-01-09 16:25 ` Eric Paris
2014-01-09 20:20 ` Mimi Zohar [this message]
2014-01-09 20:20 ` Mimi Zohar
2014-01-09 20:24 ` Eric Paris
2014-01-09 20:24 ` Eric Paris
2014-01-09 22:28 ` Al Viro
2014-01-09 22:28 ` Al Viro
2014-01-09 22:17 ` Al Viro
2014-01-09 22:13 ` Al Viro
2014-01-09 22:18 ` Eric Paris
2014-01-09 22:25 ` Al Viro
2014-01-09 22:45 ` Eric Paris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1389298851.15186.57.camel@dhcp-9-2-203-236.watson.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=eparis@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=rostedt@goodmis.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=stable@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.