Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-12 Thread Rafael Aquini
On Tue, May 12, 2020 at 03:46:54PM +, Luis Chamberlain wrote:
> On Tue, May 12, 2020 at 10:49:06AM -0400, Rafael Aquini wrote:
> > On Tue, May 12, 2020 at 05:04:05AM +, Luis Chamberlain wrote:
> > > On Mon, May 11, 2020 at 09:03:13PM -0400, Rafael Aquini wrote:
> > > > On Tue, May 12, 2020

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-12 Thread Luis Chamberlain
On Tue, May 12, 2020 at 10:49:06AM -0400, Rafael Aquini wrote:
> On Tue, May 12, 2020 at 05:04:05AM +, Luis Chamberlain wrote:
> > On Mon, May 11, 2020 at 09:03:13PM -0400, Rafael Aquini wrote:
> > > On Tue, May 12, 2020 at 12:17:03AM +, Luis Chamberlain wrote:
> > > > On Mon, May 11, 2020

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-12 Thread Rafael Aquini
On Tue, May 12, 2020 at 05:04:05AM +, Luis Chamberlain wrote:
> On Mon, May 11, 2020 at 09:03:13PM -0400, Rafael Aquini wrote:
> > On Tue, May 12, 2020 at 12:17:03AM +, Luis Chamberlain wrote:
> > > On Mon, May 11, 2020 at 07:59:14PM -0400, Rafael Aquini wrote:
> > > > On Mon, May 11, 2020

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Luis Chamberlain
On Mon, May 11, 2020 at 09:03:13PM -0400, Rafael Aquini wrote:
> On Tue, May 12, 2020 at 12:17:03AM +, Luis Chamberlain wrote:
> > On Mon, May 11, 2020 at 07:59:14PM -0400, Rafael Aquini wrote:
> > > On Mon, May 11, 2020 at 11:10:45PM +, Luis Chamberlain wrote:
> > > > On Mon, May 11, 2020

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Rafael Aquini
On Tue, May 12, 2020 at 12:17:03AM +, Luis Chamberlain wrote: > On Mon, May 11, 2020 at 07:59:14PM -0400, Rafael Aquini wrote: > > On Mon, May 11, 2020 at 11:10:45PM +, Luis Chamberlain wrote: > > > On Mon, May 11, 2020 at 05:59:04PM -0400, Rafael Aquini wrote: > > > > diff --git a/kernel/s

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Luis Chamberlain
On Mon, May 11, 2020 at 07:59:14PM -0400, Rafael Aquini wrote: > On Mon, May 11, 2020 at 11:10:45PM +, Luis Chamberlain wrote: > > On Mon, May 11, 2020 at 05:59:04PM -0400, Rafael Aquini wrote: > > > diff --git a/kernel/sysctl.c b/kernel/sysctl.c > > > index 8a176d8727a3..f0a4fb38ac62 100644 >

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Rafael Aquini
On Mon, May 11, 2020 at 11:10:45PM +, Luis Chamberlain wrote:
> On Mon, May 11, 2020 at 05:59:04PM -0400, Rafael Aquini wrote:
> > The sysctl knob allows any user with SYS_ADMIN capability to
> > taint the kernel with any arbitrary value, but this might
> > produce an invalid flags bitset being

Re: [PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Luis Chamberlain
On Mon, May 11, 2020 at 05:59:04PM -0400, Rafael Aquini wrote:
> The sysctl knob allows any user with SYS_ADMIN capability to
> taint the kernel with any arbitrary value, but this might
> produce an invalid flags bitset being committed to tainted_mask.
>
> This patch introduces a simple way for pr

[PATCH] kernel: sysctl: ignore invalid taint bits introduced via kernel.tainted and taint the kernel with TAINT_USER on writes

2020-05-11 Thread Rafael Aquini
The sysctl knob allows any user with SYS_ADMIN capability to taint the kernel with any arbitrary value, but this might produce an invalid flags bitset being committed to tainted_mask. This patch introduces a simple way for proc_taint() to ignore any eventual invalid bit coming from the user input