From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753875AbbEOJXJ (ORCPT ); Fri, 15 May 2015 05:23:09 -0400
Received: from mailhub.sw.ru ([195.214.232.25]:9353 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753021AbbEOJXE (ORCPT ); Fri, 15 May 2015 05:23:04 -0400
Message-ID: <5555BABE.2090705@odin.com>
Date: Fri, 15 May 2015 12:22:06 +0300
From: Vasily Averin
Organization: Odin
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Andrew Morton
CC: linux-kernel@vger.kernel.org, Kees Cook , Josh Boyer , Eric Paris
Subject: Re: [PATCH] kernel/printk/printk.c: check_syslog_permissions() cleanup
References: <554EFC49.2020800@odin.com> <20150514150154.dbfb8ab275aa30d0fe93172b@linux-foundation.org> <5555A33E.5070403@odin.com>
In-Reply-To: <5555A33E.5070403@odin.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

On 15.05.2015 10:41, Vasily Averin wrote:
> On 15.05.2015 01:01, Andrew Morton wrote:
>> On Sun, 10 May 2015 09:35:53 +0300 Vasily Averin wrote:
>>
>>> Fixes: 637241a900cb ("kmsg: honor dmesg_restrict sysctl on /dev/kmsg")
>>>
>>> Final version of patch 637241a900cb ("kmsg: honor dmesg_restrict sysctl
>>> on /dev/kmsg") lost few hooks. As result security_syslog() is not checked
>>> inside check_syslog_permissions() if dmesg_restrict is set,
>>> or it can be called twice in do_syslog().
>>
>> I'm not seeing how security_syslog() is called twice from do_syslog().
>> Put more details in the changelog, please.
>
> For example, if dmesg_restrict is not set and SYSLOG_ACTION_OPEN is requested.

no, SYSLOG_ACTION_OPEN does not fit.
syslog_action_restricted() should return 0,
so it should be SYSLOG_ACTION_READ_ALL or SYSLOG_ACTION_SIZE_BUFFER commands
and from_file should be set to SYSLOG_FROM_READER.

> In this case do_syslog() calls check_syslog_permissions()
> where security_syslog() is called first time and approves the operation,
> then do_syslog() itself calls security_syslog() 2nd time.
>
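
The two cases discussed in this thread, as an added user-space model that is not part of the original message and not the kernel source. The function bodies, the `has_cap_syslog` flag, the `lsm_calls` counter and `hook_calls()` are assumptions reconstructed from the description above; the model counts how often the security_syslog() hook runs for one request.

```c
/* User-space model only: bodies are assumptions, not kernel code. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

enum { SYSLOG_ACTION_OPEN = 1, SYSLOG_ACTION_READ_ALL = 3,
       SYSLOG_ACTION_SIZE_BUFFER = 10 };
enum { SYSLOG_FROM_READER = 0, SYSLOG_FROM_PROC = 1 };

static int dmesg_restrict;   /* models the sysctl */
static bool has_cap_syslog;  /* hypothetical stand-in for capable(CAP_SYSLOG) */
static int lsm_calls;        /* how many times the LSM hook ran */

static int security_syslog(int type) { (void)type; lsm_calls++; return 0; }

static int syslog_action_restricted(int type)
{
	if (dmesg_restrict)
		return 1;
	return type != SYSLOG_ACTION_READ_ALL &&
	       type != SYSLOG_ACTION_SIZE_BUFFER;
}

static int check_syslog_permissions(int type, bool from_file)
{
	if (from_file && type != SYSLOG_ACTION_OPEN)
		return 0;                          /* assumed: checked at open time */
	if (syslog_action_restricted(type))
		return has_cap_syslog ? 0 : -EPERM; /* LSM hook skipped on this path */
	return security_syslog(type);              /* first call */
}

static int do_syslog(int type, bool from_file)
{
	int error = check_syslog_permissions(type, from_file);
	return error ? error : security_syslog(type); /* second call */
}

/* Hook invocations for one request, via do_syslog() or the bare check. */
int hook_calls(int restrict_on, bool cap, int type, bool from_file, bool via_do_syslog)
{
	dmesg_restrict = restrict_on; has_cap_syslog = cap; lsm_calls = 0;
	if (via_do_syslog) do_syslog(type, from_file);
	else check_syslog_permissions(type, from_file);
	return lsm_calls;
}

int main(void)
{
	printf("READ_ALL, unrestricted, do_syslog: %d hook calls\n",
	       hook_calls(0, false, SYSLOG_ACTION_READ_ALL, SYSLOG_FROM_READER, true));
	return 0;
}
```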