| Summary: | severe bug in sys_mkdir, vfs_mkdir is invoked twice | | |
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | jochen <jochen.eisinger> |
| Component: | [OLD] Core system | Assignee: | x86-kernel (DEPRECATED) <x86-kernel> |
| Status: | VERIFIED FIXED | | |
| Severity: | major | CC: | flash3001, GertThiel |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |

Description
jochen
2004-01-23 03:08:38 UTC
Actually I think it just needs some brackets, huh?

This is the vanilla Linux code:

```c
if (!IS_ERR(dentry)) {
	error = vfs_mkdir(nd.dentry->d_inode, dentry,
			  mode & ~current->fs->umask);
	dput(dentry);
}
```

This is the grsecurity code:

```c
if (!IS_ERR(dentry)) {
	error = 0;
	if (!gr_acl_handle_mkdir(dentry, nd.dentry, nd.mnt))
		error = -EACCES;
	if(!error)
		error = vfs_mkdir(nd.dentry->d_inode, dentry,
				  mode & ~current->fs->umask);
	if(!error)
		gr_handle_create(dentry, nd.mnt);
	dput(dentry);
}
```

This is the POSIX ACL code:

```c
if (!IS_ERR(dentry)) {
	if (!IS_POSIXACL(nd.dentry->d_inode))
		mode &= ~current->fs->umask;
	error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
	dput(dentry);
}
```

All only contain one call to vfs_mkdir, so the merged version should also only contain one.

In sys_mknod the POSIXACL is tested before all grsecurity calls. In open_namei POSIXACL is tested between the grsecurity calls and the actual vfs call. In sys_mkdir it is tested after the vfs call...

Since in the grsecurity-only version, "mode" is passed to the grsecurity functions "as is", I'd recommend doing the POSIXACL thing after the grsecurity calls but before the vfs call, like it is done in open_namei.

The merged code would be:

```c
if (!IS_ERR(dentry)) {
	error = 0;
	if (!gr_acl_handle_mkdir(dentry, nd.dentry, nd.mnt))
		error = -EACCES;
	if(!error) {
		if (!IS_POSIXACL(nd.dentry->d_inode))
			mode &= ~current->fs->umask;
		error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
	}
	if(!error)
		gr_handle_create(dentry, nd.mnt);
	dput(dentry);
}
```

Similar changes should be made to sys_mknod.

I was thinking at first glance that you could indent the last vfs_mkdir and use brackets to make that one code block, but your way seems correct (that's how gentoo-sources does it).

*** Bug 41462 has been marked as a duplicate of this bug. ***

Closing. Bug appears fixed.

Closed. Bug fixed.
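The properties the thread asks of the merged sys_mkdir body (one vfs_mkdir call, none when the grsecurity check denies, umask applied only without POSIX ACLs, gr_handle_create only on success) can be checked in a user-space model. This is an added example, not code from the bug report or the kernel: `struct mkdir_model`, `merged_mkdir` and `run` are hypothetical names, and the kernel calls are replaced by fields that record what happened.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* User-space model, not kernel code: each field stands in for one kernel
 * call quoted in the report and records what the merged body did. */
struct mkdir_model {
    bool acl_allows;   /* gr_acl_handle_mkdir() returned non-zero */
    bool posix_acl;    /* IS_POSIXACL(nd.dentry->d_inode) */
    int  umask;        /* current->fs->umask */
    int  vfs_result;   /* value the vfs_mkdir() stand-in returns */
    int  vfs_calls;    /* times vfs_mkdir() ran */
    int  vfs_mode;     /* mode handed to vfs_mkdir() */
    int  create_calls; /* times gr_handle_create() ran */
    int  ret;          /* final value of "error" */
};

/* Same control flow as the merged code proposed in the report. */
static int merged_mkdir(struct mkdir_model *m, int mode)
{
    int error = 0;

    if (!m->acl_allows)
        error = -EACCES;
    if (!error) {
        if (!m->posix_acl)      /* umask applied only without POSIX ACLs */
            mode &= ~m->umask;
        m->vfs_mode = mode;
        m->vfs_calls++;         /* the single vfs_mkdir() call */
        error = m->vfs_result;
    }
    if (!error)
        m->create_calls++;      /* gr_handle_create() only after success */
    return error;
}

/* Run one constructed scenario (mode 0777, umask 022) and return the record. */
static struct mkdir_model run(bool allow, bool acl, int vfs_result)
{
    struct mkdir_model m = { .acl_allows = allow, .posix_acl = acl,
                             .umask = 022, .vfs_result = vfs_result };
    m.ret = merged_mkdir(&m, 0777);
    return m;
}

int main(void)
{
    struct mkdir_model denied = run(false, false, 0), ok = run(true, false, 0);
    printf("denied: ret=%d vfs_calls=%d\n", denied.ret, denied.vfs_calls);
    printf("allowed: ret=%d vfs_calls=%d mode=%o\n", ok.ret, ok.vfs_calls, ok.vfs_mode);
    return 0;
}
```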