On Tue, Apr 23, 2019 at 12:08 AM Yang Yingliang
wrote:
> On 2019/4/23 3:48, Paul Moore wrote:
> > On Sat, Apr 20, 2019 at 3:39 AM Yang Yingliang
> > wrote:
> >> I'm not sure you got my point.
> > I went back and looked at your previous emails again to try and
> > understand what you are talking
On 2019/4/23 3:48, Paul Moore wrote:
On Sat, Apr 20, 2019 at 3:39 AM Yang Yingliang wrote:
I'm not sure you got my point.
I went back and looked at your previous emails again to try and
understand what you are talking about, and I'm a little confused by
some of the output ...
---
his again? Looking at the task
pointer and the timestamp, this is the same task exiting and trying to
write to the accounting file, yes? This output is particularly
curious since it appears that real_cred has changed; where is this
happening?
> [ 56.653565] [ cut here ]-
On 2019/4/20 0:13, Paul Moore wrote:
On Fri, Apr 19, 2019 at 10:34 AM Yang Yingliang
wrote:
On 2019/4/19 21:24, Paul Moore wrote:
On Thu, Apr 18, 2019 at 10:42 PM Yang Yingliang
wrote:
On 2019/4/19 10:04, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:50 PM Yang Yingliang
wrote:
On
On Thu, Apr 18, 2019 at 10:42 PM Yang Yingliang
wrote:
> On 2019/4/19 10:04, Paul Moore wrote:
> > On Wed, Apr 17, 2019 at 10:50 PM Yang Yingliang
> > wrote:
> >> On 2019/4/18 8:24, Casey Schaufler wrote:
> >>> On 4/17/2019 4:39 PM, Paul Moore wrote:
> Since it looks like all three LSMs
On Fri, Apr 19, 2019 at 10:34 AM Yang Yingliang
wrote:
> On 2019/4/19 21:24, Paul Moore wrote:
> > On Thu, Apr 18, 2019 at 10:42 PM Yang Yingliang
> > wrote:
> >> On 2019/4/19 10:04, Paul Moore wrote:
> >>> On Wed, Apr 17, 2019 at 10:50 PM Yang Yingliang
> >>> wrote:
> On 2019/4/18 8:24,
f88841ae450c0
[ 56.653565] --------[ cut here ]--------
[ 56.655119] kernel BUG at kernel/cred.c:434!
[ 56.656590] invalid opcode: [#1] SMP PTI
[ 56.658033] CPU: 2 PID: 4169 Comm: syz-executor.15 Not tainted
5.1.0-rc4-00034-g869e3305f23d-dirty #143
[ 56.661077] Hardware name: QEMU S
On 2019/4/19 10:04, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:50 PM Yang Yingliang
wrote:
On 2019/4/18 8:24, Casey Schaufler wrote:
On 4/17/2019 4:39 PM, Paul Moore wrote:
Since it looks like all three LSMs which implement the setprocattr
hook are vulnerable I'm open to the idea that
On Wed, Apr 17, 2019 at 10:50 PM Yang Yingliang
wrote:
> On 2019/4/18 8:24, Casey Schaufler wrote:
> > On 4/17/2019 4:39 PM, Paul Moore wrote:
> >>
> >> Since it looks like all three LSMs which implement the setprocattr
> >> hook are vulnerable I'm open to the idea that proc_pid_attr_write() is
>
On 4/17/19 12:42 PM, Casey Schaufler wrote:
On 4/17/2019 9:27 AM, Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
I'm tempted to simply return an error in selinux_setprocattr() if
the task's credentials are
Hi, Casey
On 2019/4/18 8:24, Casey Schaufler wrote:
On 4/17/2019 4:39 PM, Paul Moore wrote:
On Wed, Apr 17, 2019 at 12:27 PM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov
wrote:
On 04/17, Paul Moore wrote:
I'm tempted to simply return an
On 4/17/2019 4:39 PM, Paul Moore wrote:
On Wed, Apr 17, 2019 at 12:27 PM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
I'm tempted to simply return an error in selinux_setprocattr() if
the task's
On 4/17/19 4:39 PM, Paul Moore wrote:
> On Wed, Apr 17, 2019 at 12:27 PM Oleg Nesterov wrote:
>> On 04/17, Paul Moore wrote:
>>>
>>> On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
>
> I'm tempted to simply return an error in selinux_setprocattr()
On Wed, Apr 17, 2019 at 12:27 PM Oleg Nesterov wrote:
> On 04/17, Paul Moore wrote:
> >
> > On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
> > > On 04/17, Paul Moore wrote:
> > > >
> > > > I'm tempted to simply return an error in selinux_setprocattr() if
> > > > the task's credentials are
On 4/17/2019 9:27 AM, Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
I'm tempted to simply return an error in selinux_setprocattr() if
the task's credentials are not the same as its real_cred;
What about
On 04/17, Paul Moore wrote:
>
> On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
> > On 04/17, Paul Moore wrote:
> > >
> > > I'm tempted to simply return an error in selinux_setprocattr() if
> > > the task's credentials are not the same as its real_cred;
> >
> > What about other modules? I
On Wed, Apr 17, 2019 at 10:57 AM Oleg Nesterov wrote:
> On 04/17, Paul Moore wrote:
> >
> > I'm tempted to simply return an error in selinux_setprocattr() if
> > the task's credentials are not the same as its real_cred;
>
> What about other modules? I have no idea what smack_setprocattr() is,
>
On 4/17/2019 7:57 AM, Oleg Nesterov wrote:
On 04/17, Paul Moore wrote:
I'm tempted to simply return an error in selinux_setprocattr() if
the task's credentials are not the same as its real_cred;
What about other modules? I have no idea what smack_setprocattr() is,
but it too does
On 04/17, Paul Moore wrote:
>
> I'm tempted to simply return an error in selinux_setprocattr() if
> the task's credentials are not the same as its real_cred;
What about other modules? I have no idea what smack_setprocattr() is,
but it too does prepare_creds/commit creds.
it seems that the
On Tue, Apr 16, 2019 at 10:46 AM chengjian (D) wrote:
> On 2019/4/16 11:40, Kees Cook wrote:
> > On Mon, Apr 15, 2019 at 11:20 AM Paul Moore wrote:
> >> On Mon, Apr 15, 2019 at 11:05 AM Oleg Nesterov wrote:
> >>> On 04/15, Paul Moore wrote:
> On Mon, Apr 15, 2019 at 9:43 AM Oleg Nesterov
On 2019/4/16 11:40, Kees Cook wrote:
On Mon, Apr 15, 2019 at 11:20 AM Paul Moore wrote:
On Mon, Apr 15, 2019 at 11:05 AM Oleg Nesterov wrote:
On 04/15, Paul Moore wrote:
On Mon, Apr 15, 2019 at 9:43 AM Oleg Nesterov wrote:
Well, acct("/proc/self/attr/current") doesn't look like a good
On Mon, Apr 15, 2019 at 11:20 AM Paul Moore wrote:
>
> On Mon, Apr 15, 2019 at 11:05 AM Oleg Nesterov wrote:
> > On 04/15, Paul Moore wrote:
> > >
> > > On Mon, Apr 15, 2019 at 9:43 AM Oleg Nesterov wrote:
> > > > Well, acct("/proc/self/attr/current") doesn't look like a good idea,
> > > > but
On Mon, Apr 15, 2019 at 11:05 AM Oleg Nesterov wrote:
> On 04/15, Paul Moore wrote:
> >
> > On Mon, Apr 15, 2019 at 9:43 AM Oleg Nesterov wrote:
> > > Well, acct("/proc/self/attr/current") doesn't look like a good idea, but
> > > I do
> > > not know where should we put the additional check...
On 04/15, Paul Moore wrote:
>
> On Mon, Apr 15, 2019 at 9:43 AM Oleg Nesterov wrote:
> > Well, acct("/proc/self/attr/current") doesn't look like a good idea, but I
> > do
> > not know where should we put the additional check... And probably
> > "echo /proc/self/attr/current >
PM, chengjian (D) wrote:
> >
> > Added LSM and SELinux lists.
> >
> >
> > >Hi.
> > >
> > >
> > >syzkaller reported the following BUG:
> > >
> > >[ 73.146973] kernel BUG at kernel/cred.c:434!
> > >[
t;Hi.
> >
> >
> >syzkaller reported the following BUG:
> >
> >[ 73.146973] kernel BUG at kernel/cred.c:434!
> >[ 73.150231] invalid opcode: [#1] SMP KASAN PTI
> >[ 73.151928] CPU: 2 PID: 4058 Comm: syz-executor.6 Not tainted
> >5.1.0-rc4-00062-g2d06b
On 4/11/2019 11:21 PM, chengjian (D) wrote:
Added LSM and SELinux lists.
Hi.
syzkaller reported the following BUG:
[ 73.146973] kernel BUG at kernel/cred.c:434!
[ 73.150231] invalid opcode: [#1] SMP KASAN PTI
[ 73.151928] CPU: 2 PID: 4058 Comm: syz-executor.6 Not tainted
5.1.0
Hi.
syzkaller reported the following BUG:
[ 73.146973] kernel BUG at kernel/cred.c:434!
[ 73.150231] invalid opcode: [#1] SMP KASAN PTI
[ 73.151928] CPU: 2 PID: 4058 Comm: syz-executor.6 Not tainted
5.1.0-rc4-00062-g2d06b235815e-dirty #2
[ 73.155174] Hardware name: QEMU Standard
28 matches
Mail list logo