From: "Ahmed S. Darwish" <darwish.07@gmail.com>
To: Joerg Platte <jplatte@naasa.net>
Cc: linux-kernel@vger.kernel.org, casey@schaufler-ca.com
Subject: [PATCH - BUGFIX] Smack: Check for 'struct socket' with NULL sk
Date: Tue, 12 Feb 2008 01:23:47 +0200 [thread overview]
Message-ID: <20080211232347.GA3635@ubuntu> (raw)
In-Reply-To: <200802111926.03067.jplatte@naasa.net>
On Mon, Feb 11, 2008 at 07:26:02PM +0100, Joerg Platte wrote:
> Hi,
>
> when booting linux 2.6.25-rc1 I get the following error:
>
> BUG: unable to handle kernel NULL pointer dereference at 00000138
> IP: [<c01aa59e>] smack_netlabel+0x13/0xc8
> *pde = 00000000
> Oops: 0000 [#1] PREEMPT
> Modules linked in: nfsd
[...]
> Call Trace:
> [<c01aacf8>] ? new_inode_smack+0x39/0x3f
> [<c01aad52>] ? smack_inode_alloc_security+0x16/0x27
> [<c01a7510>] ? security_inode_alloc+0x19/0x1b
> [<c01aa665>] ? smack_socket_post_create+0x12/0x18
> [<c01a7a06>] ? security_socket_post_create+0x16/0x1b
> [<c02116ce>] ? sock_create_lite+0x44/0x64
> [<c0211712>] ? kernel_accept+0x24/0x5f
Hi Joerg,
There's a small problem with smack and NFS. A similar report was also
sent here: http://lkml.org/lkml/2007/10/27/85
Could you please check below patch ? I think it should fix your problem.
I've also added similar checks in inode_{get/set}security(). Cheating
from SELinux post_create_socket(), it does the same. Casey, Thoughts ?
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
---
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 1c11e42..eb04278 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -701,7 +701,7 @@ static int smack_inode_getsecurity(const struct inode *inode,
return -EOPNOTSUPP;
sock = SOCKET_I(ip);
- if (sock == NULL)
+ if (sock == NULL || sock->sk == NULL)
return -EOPNOTSUPP;
ssp = sock->sk->sk_security;
@@ -1280,10 +1280,12 @@ static void smack_to_secattr(char *smack, struct netlbl_lsm_secattr *nlsp)
*/
static int smack_netlabel(struct sock *sk)
{
- struct socket_smack *ssp = sk->sk_security;
+ struct socket_smack *ssp;
struct netlbl_lsm_secattr secattr;
int rc = 0;
+ BUG_ON(sk == NULL);
+ ssp = sk->sk_security;
netlbl_secattr_init(&secattr);
smack_to_secattr(ssp->smk_out, &secattr);
if (secattr.flags != NETLBL_SECATTR_NONE)
@@ -1331,7 +1333,7 @@ static int smack_inode_setsecurity(struct inode *inode, const char *name,
return -EOPNOTSUPP;
sock = SOCKET_I(inode);
- if (sock == NULL)
+ if (sock == NULL || sock->sk == NULL)
return -EOPNOTSUPP;
ssp = sock->sk->sk_security;
@@ -1362,7 +1364,7 @@ static int smack_inode_setsecurity(struct inode *inode, const char *name,
static int smack_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern)
{
- if (family != PF_INET)
+ if (family != PF_INET || sock->sk == NULL)
return 0;
/*
* Set the outbound netlbl.
next prev parent reply other threads:[~2008-02-11 23:26 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-11 18:26 BUG with 2.6.25-rc1 and smack Joerg Platte
2008-02-11 18:51 ` Casey Schaufler
2008-02-11 19:13 ` Joerg Platte
2008-02-11 23:23 ` Ahmed S. Darwish [this message]
2008-02-12 2:26 ` [PATCH - BUGFIX] Smack: Check for 'struct socket' with NULL sk Casey Schaufler
2008-02-12 9:29 ` Joerg Platte
2008-02-13 0:35 ` Casey Schaufler
2008-02-13 8:09 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080211232347.GA3635@ubuntu \
--to=darwish.07@gmail.com \
--cc=casey@schaufler-ca.com \
--cc=jplatte@naasa.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).