On Thu, Dec 5, 2024 at 6:42 PM Christian Göttsche <cgzones@xxxxxxxxxxxxxx> wrote:
>
> Dec 5, 2024 02:09:39 Thiébaud Weksteen <tweek@xxxxxxxxxx>:
>
> > When evaluating extended permissions, ignore unknown permissions instead
> > of calling BUG(). This commit ensures that future permissions can be
> > added without interfering with older kernels.
> >
> > Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Thiébaud Weksteen <tweek@xxxxxxxxxx>
> > - BUG();
> > + pr_warn_once(
> > + "SELinux: unknown extended permission (%u) will be ignored\n",
> > + node->datum.u.xperms->specified);
> > + return;
> > }
>
> What about instead of logging once per boot at access decision time logging once per policyload at parse time, like suggested for patch https://patchwork.kernel.org/project/selinux/patch/20241115133619.114393-11-cgoettsche@xxxxxxxxxxxxx/ ?
>

I agree, warning when the policy is loaded makes more sense. For this particular bug, I am trying to keep the patch to a bare minimum as I intend to backport it to stable kernels (on Android, this is preventing us from deploying a policy compatible with both older and newer kernels). Maybe we could land the first version of this patch (without any warning message), with the understanding that your patch will land soon after?
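Review bot: in the quoted `- BUG();` / `+ return;` hunk, `pr_warn_once` sits on the access-decision path and fires at most once per boot, so once the first unknown `specified` value has been reported, a later policy load that carries a different unknown extended permission produces no message at all; emitting the warning once per policy load at parse time, as Christian proposes, keeps every load observable. The bare `+ return;` also skips the node without explanation; a one-line comment at the return stating that an unknown extended permission is skipped and contributes nothing to the decision would document the intended behaviour for anyone reading the stable backport.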