Date: Thu, 2 May 2019 17:58:36 +0100
From: Al Viro
To: Mimi Zohar
Cc: Prakhar Srivastava, linux-integrity@vger.kernel.org, linux-secuirty-module@vger.kernel.org, linux-kernel@vger.kernel.org, ebiederm@xmission.com, vgoyal@redhat.com, nayna@linux.ibm.com
Subject: Re: [PATCH v3 3/4] add kexec_cmdline used to ima
Message-ID: <20190502165836.GX23075@ZenIV.linux.org.uk>
References: <20190429214743.4625-1-prsriva02@gmail.com> <20190429214743.4625-4-prsriva02@gmail.com> <1556815955.4134.78.camel@linux.ibm.com>
In-Reply-To: <1556815955.4134.78.camel@linux.ibm.com>

On Thu, May 02, 2019 at 12:52:35PM -0400, Mimi Zohar wrote:
> On Mon, 2019-04-29 at 14:47 -0700, Prakhar Srivastava wrote:
> > From: Prakhar Srivastava
>
> kexec doesn't really know or care about IMA.  Other than the IMA call,
> itself, nothing should be added to kexec files.  As mentioned in 1/4,
> the IMA hook would be named something like ima_kexec_cmdline().

> > + f = fdget(kernel_fd); > > + if (!f.file) > > + goto out; > > + > > + size = (f.file->f_path.dentry->d_name.len + cmdline_len - 1+ > > + ARRAY_SIZE(delimiter)) - 1; > > + > > + buf = kzalloc(size, GFP_KERNEL); > > + if (!buf) > > + goto out; > > + > > + memcpy(buf, f.file->f_path.dentry->d_name.name, > > + f.file->f_path.dentry->d_name.len); > > + memcpy(buf + f.file->f_path.dentry->d_name.len, > > + delimiter, ARRAY_SIZE(delimiter) - 1); > > + memcpy(buf + f.file->f_path.dentry->d_name.len + > > + ARRAY_SIZE(delimiter) - 1, > > + cmdline_ptr, cmdline_len - 1);

Another thing is that it's so obviously racy, it's not even funny.
Consider what rename(2) in parallel will do to that.
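Review bot: d_name.len is read once to compute size and then again in each of the three memcpy() calls, and d_name.name is dereferenced with no lock or snapshot held, so a concurrent rename between the kzalloc() and the copies can make the copied length exceed the allocation or leave name and len mismatched. Take a stable copy of the name first (for example with take_dentry_name_snapshot() and release_dentry_name_snapshot()) and use that single name/length pair for both the size calculation and the copies. Two smaller points on the same lines: size equals exactly the number of bytes copied, so buf is not NUL-terminated and must never be handled as a C string, and the cmdline_len - 1 length needs a guard for cmdline_len == 0.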