Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 2d5311e4e8272fd398fc1cf278f12fd6dee4074b
commit2d5311e4e8272fd398fc1cf278f12fd6dee4074b[log] [tgz]
authorEric Dumazet <eric.dumazet@gmail.com>Wed Dec 01 20:46:24 2010 +0000
committerDavid S. Miller <davem@davemloft.net>Mon Dec 06 12:59:09 2010 -0800
treed86fcab7044baa6ec41ef87b8eca186ae6f9ea89
parentae9c416d686db74f67d73c1bebf1e3a7e8b3c5b5 [diff]
filter: add a security check at install time

We added some security checks in commit 57fe93b374a6
(filter: make sure filters dont read uninitialized memory) to close a
potential leak of kernel information to user.

This added a potential extra cost at run time, while we can perform a
check of the filter itself, to make sure a malicious user doesnt try to
abuse us.

This patch adds a check_loads() function, whole unique purpose is to
make this check, allocating a temporary array of mask. We scan the
filter and propagate a bitmask information, telling us if a load M(K) is
allowed because a previous store M(K) is guaranteed. (So that
sk_run_filter() can possibly not read unitialized memory)

Note: this can uncover application bug, denying a filter attach,
previously allowed.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Dan Rosenberg <drosenberg@vsecurity.com>
Cc: Changli Gao <xiaosuo@gmail.com>
Acked-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
1 file changed
tree: d86fcab7044baa6ec41ef87b8eca186ae6f9ea89
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS