Re: [PATCH] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jan 09, 2014 at 05:18:09PM -0500, Eric Paris wrote:

> > Just RCU-delay freeing the damn thing and treat NULL ->i_security in
> > ->permission() (which can happen only with MAY_NOT_BLOCK in mask) as
> > "return -ECHILD and let the caller deal with that".
> > 
> > Modifying every ->destroy_inode() is obviously wrong - there's a lot more
> > filesystems than LSM buggers in the tree.
> 
> We just want the same lifetime as the inode.  Allocate the security blob
> when the inode is allocated and free the security blob when the inode is
> freed.

Ultimate freeing of struct inode can easily happen outside of VFS - that's
what ->destroy_inode() is for.  Moreover, filesystem might decide to do
very odd things to it, as long as it doesn't do so without RCU delay.
So no, there's no single place to do that.
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]