Looks like this got lost while lkml was down.
---------- Forwarded message ----------
Date: Thu, 25 Mar 2004 00:56:02 -0500 (EST)
From: James Morris <[email protected]>
To: Andrew Morton <[email protected]>
Cc: Stephen Smalley <[email protected]>, [email protected]
Subject: [SELINUX] check return value for receive node permission
This patch fixes a bug where the return value for a permission call is not
checked.
The bug was introduced when I added some code in the following changeset:
<http://linux.bkbits.net:8080/linux-2.5/diffs/security/selinux/[email protected]?nav=index.html|src/|src/security|src/security/selinux|hist/security/selinux/hooks.c>
Code was added after this line:
err = avc_has_perm(isec->sid, node_sid, SECCLASS_NODE, node_perm, NULL, &ad);
without adding an explicit check of 'err', which was previously returned
from the function rather than being checked. i.e. it would drop through
to:
out:
return err;
}
With the new code added, err can (and typically would) be overwritten with
a successful value, causing the permission check to not deny permission if
needed. The intended denial would have been logged.
The patch below fixes this problem.
Please apply.
- James
--
James Morris
<[email protected]>
diff -urN -X dontdiff linux-2.6.5-rc2-mm2.o/security/selinux/hooks.c linux-2.6.5-rc2-mm2.w2/security/selinux/hooks.c
--- linux-2.6.5-rc2-mm2.o/security/selinux/hooks.c 2004-03-24 23:06:30.000000000 -0500
+++ linux-2.6.5-rc2-mm2.w2/security/selinux/hooks.c 2004-03-25 00:46:49.582735736 -0500
@@ -3040,6 +3040,8 @@
goto out;
err = avc_has_perm(isec->sid, node_sid, SECCLASS_NODE, node_perm, NULL, &ad);
+ if (err)
+ goto out;
if (recv_perm) {
u32 port_sid;