From: John Johansen <john.johansen@canonical.com>
To: James Morris <jmorris@namei.org>,
Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, serge@hallyn.com
Subject: Re: WARNING in apparmor_cred_free
Date: Wed, 16 Jan 2019 14:36:34 -0800 [thread overview]
Message-ID: <81e41439-7b32-45cf-465a-19dd14f6f3ef@canonical.com> (raw)
In-Reply-To: <alpine.LRH.2.21.1901170814170.7422@namei.org>
On 1/16/19 1:14 PM, James Morris wrote:
> On Fri, 11 Jan 2019, Casey Schaufler wrote:
>
>> >From 47134986133c822e1d88860fa2b108f92c97a7ff Mon Sep 17 00:00:00 2001
>> From: Casey Schaufler <casey@schaufler-ca.com>
>> Date: Fri, 11 Jan 2019 17:31:50 -0800
>> Subject: [PATCH 1/2] LSM: Check for NULL cred-security on free
>>
>> Check that the cred security blob has been set before trying
>> to clean it up. There is a case during credential initialization
>> that could result in this.
>>
>> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
>
> JJ: does this fix the problem?
>
sorry for not responding earlier, yes it does.
Acked-by: John Johansen <john.johansen@canonical.com>
>> ---
>> security/security.c | 7 +++++++
>> 1 file changed, 7 insertions(+)
>>
>> diff --git a/security/security.c b/security/security.c
>> index a618e22df5c6..7bffc86d4e87 100644
>> --- a/security/security.c
>> +++ b/security/security.c
>> @@ -1477,6 +1477,13 @@ int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
>>
>> void security_cred_free(struct cred *cred)
>> {
>> + /*
>> + * There is a failure case in prepare_creds() that
>> + * may result in a call here with ->security being NULL.
>> + */
>> + if (unlikely(cred->security == NULL))
>> + return;
>> +
>> call_void_hook(cred_free, cred);
>>
>> kfree(cred->security);
>>
>
next prev parent reply other threads:[~2019-01-16 22:36 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-11 9:43 WARNING in apparmor_cred_free syzbot
2019-01-11 22:11 ` Casey Schaufler
2019-01-11 22:30 ` John Johansen
2019-01-11 22:43 ` Casey Schaufler
2019-01-11 23:20 ` Casey Schaufler
2019-01-12 1:46 ` Casey Schaufler
2019-01-14 11:12 ` Dmitry Vyukov
2019-01-16 21:14 ` James Morris
2019-01-16 22:36 ` John Johansen [this message]
2019-01-16 23:44 ` James Morris
2019-01-12 1:48 ` Casey Schaufler
2019-01-16 23:30 ` James Morris
2019-01-17 0:19 ` John Johansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=81e41439-7b32-45cf-465a-19dd14f6f3ef@canonical.com \
--to=john.johansen@canonical.com \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).