Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp2287362pxb; Sun, 30 Jan 2022 10:48:16 -0800 (PST) X-Google-Smtp-Source: ABdhPJwsA+Wdo0q52khJAf+rlVlL+aL0NM9t7dOxPyqxfXdUo2/QnCrKLGx0WaYxfpupSh0ljK6G X-Received: by 2002:a17:90b:1983:: with SMTP id mv3mr20847108pjb.222.1643568496044; Sun, 30 Jan 2022 10:48:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643568496; cv=none; d=google.com; s=arc-20160816; b=O5V61YOD4ipPUL2cvBLV9ZBQgRzeQ1oaUp4qoEZ7J7BsMTbE0WHR5TaEMoo9VatQEB 1BYkpo6bhKD+1COJy0Qk6hjmK2dXF+m49DwThYaJnC7j0TD2A1kPArsJK4mg/5bB/1O5 CT505H56d+hFIdUB8GHSSB9dLqxlnDjLyJHotTe31qFjKaMB/uac2/FQB3nFqIo8YCT4 6toEBf6UR2A7q9NfVyZPFsamUGbVn6PbFhivH95glAV+31W3N2VABSsPks5CS/8ImrfQ FO0ap90a4bZopPJOPlDSJkl/CU50anw0/lFZgPoaFmLzsP4XWs75iBWg3WTatzHvL+mO C5iA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=R8r95YkMOSc9NlatIPORrNnRvJrZqNNhRXOM4O8ucEM=; b=sdL5poesnxEysohwrEIThj41N2nGCO2PP/rljxHAiTiwD9DeUD2lJkYVWg+YUGmDlo YaAvqMZHLcMdERwHOEq+HEiE98FjNOgtkrTucWgAO64nhr0xXepE6Ve27FRrBLK7hsuF 2l2kAAHpKEbLuYLbkA3zcWiBmD6dewCPlKZogcO38eOzvi7n7bGrU7qkAcQ1kKrFyg0O 7X5g+9dNQ0Vo4jCYB9/6Vx/jn19xtcrgaEdTAomanUavOwTjdhg5ARuh047cEBJr6zxN IkARkoyhJOU34mljkc5d7R8k2ALE4YSgbEDngvEZ2EAmTjIPMso9tZjMDIp570YRTs7g qJuQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=V9O3Rw6Y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d8si11601816pgb.674.2022.01.30.10.48.03; Sun, 30 Jan 2022 10:48:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=V9O3Rw6Y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231396AbiA1I7X (ORCPT + 99 others); Fri, 28 Jan 2022 03:59:23 -0500 Received: from ams.source.kernel.org ([145.40.68.75]:37208 "EHLO ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229783AbiA1I7W (ORCPT ); Fri, 28 Jan 2022 03:59:22 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 33B0DB81FAF; Fri, 28 Jan 2022 08:59:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5DB77C340E0; Fri, 28 Jan 2022 08:59:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1643360360; bh=4yoIqw9LowZS2I5hqAuu9FXS3iDVuLfMLkYxabIfN3s=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=V9O3Rw6Yi9ioAukX1sLBaj5znyUeQor8eTFi7o6GL2cFW6MW3hxhqWsYdgsC8PTSt CMEYdsrVzS+4LGHxIU0nVIx/JKQ61qH8YHJ7a984Y98o9VG+0pOH7FK9YemnRXJ/0s iC3nwD7w2xeZTszhKGsrEErR9nGbzuY/HGeKTS950N+8EuooBuU+PIiuIWdFneULnw z29XSKB19Do4wg/EgF0Ca9uWKQTRzI9AcD4oGuTjTnVWsJiHHqPyLgBcUc2dsQr2NO zTIUubnlDiv7gobh9x80n2m/pIEZtpkeahYEGg2RflVIvSr/yvQKWe0Um83W0MFRs4 gEgozztsrO0HQ== Date: Fri, 28 Jan 2022 09:59:14 +0100 From: Christian Brauner To: Casey Schaufler Cc: Paul Moore , Christian Brauner , Christian Brauner , James Morris , Linux Security Module list , LKML , syzbot , David Howells , linux-fsdevel , selinux@vger.kernel.org Subject: Re: [PATCH v2] LSM: general protection fault in legacy_parse_param Message-ID: <20220128085914.rxrz7qt3uk7fp67d@wittgenstein> References: <018a9bb4-accb-c19a-5b0a-fde22f4bc822.ref@schaufler-ca.com> <018a9bb4-accb-c19a-5b0a-fde22f4bc822@schaufler-ca.com> <20211012103243.xumzerhvhklqrovj@wittgenstein> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 27, 2022 at 08:51:44AM -0800, Casey Schaufler wrote: > The usual LSM hook "bail on fail" scheme doesn't work for cases where > a security module may return an error code indicating that it does not > recognize an input. In this particular case Smack sees a mount option > that it recognizes, and returns 0. A call to a BPF hook follows, which > returns -ENOPARAM, which confuses the caller because Smack has processed > its data. > > The SELinux hook incorrectly returns 1 on success. There was a time > when this was correct, however the current expectation is that it > return 0 on success. This is repaired. > > Reported-by: syzbot+d1e3b1d92d25abf97943@syzkaller.appspotmail.com > Signed-off-by: Casey Schaufler > --- Looks good, Acked-by: Christian Brauner