Th AF_ALG socket was missing a security label (e.g. SELinux)
which means that socket was in "unlabeled" state.
This was recently demonstrated in the cryptsetup package
(cryptsetup v1.6.5 and later.)
See https://bugzilla.redhat.com/show_bug.cgi?id=1115120
This patch clones the sock's label from the parent sock
and resolves the issue (similar to AF_BLUETOOTH protocol family).
Cc: [email protected]
Signed-off-by: Milan Broz <[email protected]>
---
crypto/af_alg.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 966f893..6a3ad80 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -21,6 +21,7 @@
#include <linux/module.h>
#include <linux/net.h>
#include <linux/rwsem.h>
+#include <linux/security.h>
struct alg_type_list {
const struct af_alg_type *type;
@@ -243,6 +244,7 @@ int af_alg_accept(struct sock *sk, struct socket *newsock)
sock_init_data(newsock, sk2);
sock_graft(sk2, newsock);
+ security_sk_clone(sk, sk2);
err = type->accept(ask->private, sk2);
if (err) {
--
2.0.1
On Tuesday, July 29, 2014 08:41:09 PM Milan Broz wrote:
> Th AF_ALG socket was missing a security label (e.g. SELinux)
> which means that socket was in "unlabeled" state.
>
> This was recently demonstrated in the cryptsetup package
> (cryptsetup v1.6.5 and later.)
> See https://bugzilla.redhat.com/show_bug.cgi?id=1115120
>
> This patch clones the sock's label from the parent sock
> and resolves the issue (similar to AF_BLUETOOTH protocol family).
>
> Cc: [email protected]
> Signed-off-by: Milan Broz <[email protected]>
> ---
> crypto/af_alg.c | 2 ++
> 1 file changed, 2 insertions(+)
Thanks Milan, this patch looks good to me. Crypto folks, assuming no
objections, could you try to push this patch this week so it hits 3.16 proper
(assuming no more -rc releases)? Without this patch the latest versions of
cryptsetup could fail on a SELinux system leaving the system unable to boot
with SELinux in enforcing mode.
Acked-by: Paul Moore <[email protected]>
> diff --git a/crypto/af_alg.c b/crypto/af_alg.c
> index 966f893..6a3ad80 100644
> --- a/crypto/af_alg.c
> +++ b/crypto/af_alg.c
> @@ -21,6 +21,7 @@
> #include <linux/module.h>
> #include <linux/net.h>
> #include <linux/rwsem.h>
> +#include <linux/security.h>
>
> struct alg_type_list {
> const struct af_alg_type *type;
> @@ -243,6 +244,7 @@ int af_alg_accept(struct sock *sk, struct socket
> *newsock)
>
> sock_init_data(newsock, sk2);
> sock_graft(sk2, newsock);
> + security_sk_clone(sk, sk2);
>
> err = type->accept(ask->private, sk2);
> if (err) {
--
paul moore
http://www.paul-moore.com
On Tue, Jul 29, 2014 at 06:41:09PM +0000, Milan Broz wrote:
> Th AF_ALG socket was missing a security label (e.g. SELinux)
> which means that socket was in "unlabeled" state.
>
> This was recently demonstrated in the cryptsetup package
> (cryptsetup v1.6.5 and later.)
> See https://bugzilla.redhat.com/show_bug.cgi?id=1115120
>
> This patch clones the sock's label from the parent sock
> and resolves the issue (similar to AF_BLUETOOTH protocol family).
>
> Cc: [email protected]
> Signed-off-by: Milan Broz <[email protected]>
Applied to crypto. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt