To simplify the review - let me highlight the part that is new in V10 and which fixes the bug which Nathan spotted on ARM64.

(The other changes in V10 are only changes to documentation pulled from Mickaël's -next branch.)

On Tue, Oct 18, 2022 at 08:22:09PM +0200, Günther Noack wrote:
> Introduce the LANDLOCK_ACCESS_FS_TRUNCATE flag for file truncation.
> ...
> In security/security.c, allocate security blobs at pointer-aligned
> offsets. This fixes the problem where one LSM's security blob can
> shift another LSM's security blob to an unaligned address. (Reported
> by Nathan Chancellor)

The corresponding implementation is:

> diff --git a/security/security.c b/security/security.c > index b55596958d0c..e0fe4ba39eb9 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -185,11 +185,12 @@ static void __init lsm_set_blob_size(int *need, int *lbs) > { > int offset; > > - if (*need > 0) { > - offset = *lbs; > - *lbs += *need; > - *need = offset; > - } > + if (*need <= 0) > + return; > + > + offset = ALIGN(*lbs, sizeof(void *)); > + *lbs = offset + *need; > + *need = offset; > }

(As discussed previously in https://lore.kernel.org/all/Y07rP%2FYNYxvQzOei@nuc/)

—Günther
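Review bot: The alignment guarantee introduced by `offset = ALIGN(*lbs, sizeof(void *));` in lsm_set_blob_size() is not documented anywhere in the function, and it is pointer-sized only. Where sizeof(void *) is 4, a blob whose struct contains a member that needs 8-byte alignment can still be placed at an offset that is only 4-byte aligned. Please add a comment above the function stating that each blob starts at a pointer-aligned offset, that blobs needing stricter alignment are not covered, and that *need carries the requested size on entry and the assigned offset on return. Since this hunk changes blob layout for every LSM and not only Landlock, it would also be easier to review and bisect as its own patch with Nathan's Reported-by tag, separate from the LANDLOCK_ACCESS_FS_TRUNCATE change described in the same commit message.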