Hi,
Serge E. Hallyn contributed a patch for fix a few problems of the
kernel-configuration level support for the trusted group (outside the
groups acl support).
As suggested by Stephen D. Smalley, I've updated the file_mmap hook
checks logic, as some of statements are not needed if the initial struct
is present.
The new patch is attached, but again, extra information and
documentation can be found at http://selinux.tuxedo-es.org/tpe-lsm/ .
References (for initial release information):
[1]: http://lkml.org/lkml/2005/1/5/307 (original thread)
Please apply.
Cheers, -- Lorenzo Hern?ndez Garc?a-Hierro <[email protected]>
[1024D/6F2B2DEC] [2048g/9AE91A22] Hardened Debian head developer &
project manager
This patch leaks memory in the error paths. For example:
+static ssize_t trustedlistadd_read_file(struct tpe_list *list, char *buf)
+{
<snip>
+ char *buffer = kmalloc(400, GFP_KERNEL);
+
+ user = (char *)__get_free_page(GFP_KERNEL);
+ if (!user)
+ return -ENOMEM;
There's several of these.
-Steve Grubb
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com
* Steve G ([email protected]) wrote:
> This patch leaks memory in the error paths. For example:
>
> +static ssize_t trustedlistadd_read_file(struct tpe_list *list, char *buf)
> +{
> <snip>
> + char *buffer = kmalloc(400, GFP_KERNEL);
> +
> + user = (char *)__get_free_page(GFP_KERNEL);
> + if (!user)
> + return -ENOMEM;
Helps to inform the author ;-)
-chris
Hi,
El mar, 11-01-2005 a las 12:33 -0800, Chris Wright escribi?:
> * Steve G ([email protected]) wrote:
> > This patch leaks memory in the error paths. For example:
> >
> > +static ssize_t trustedlistadd_read_file(struct tpe_list *list, char *buf)
> > +{
> > <snip>
> > + char *buffer = kmalloc(400, GFP_KERNEL);
> > +
> > + user = (char *)__get_free_page(GFP_KERNEL);
> > + if (!user)
> > + return -ENOMEM;
>
> Helps to inform the author ;-)
It's fixed now and i will update the patches ASAP.
Next time it would be better to CC me directly, but anyway, thanks for
reporting this, as much as you mess it up, it's as much as i will work
to make it better ;).
Cheers,
--
Lorenzo Hern?ndez Garc?a-Hierro <[email protected]> [1024D/6F2B2DEC]
[2048g/9AE91A22] Hardened Debian head developer & project manager