Gentoo Archives: gentoo-hardened

From:	"Javier Juan Martínez Cabezón" <tazok.id0@×××××.com>
To:	gentoo-hardened@l.g.o
Subject:	[gentoo-hardened] rsbac+pax fixation Patch to kernel 3.8
Date:	Mon, 29 Jul 2013 04:23:36
Message-Id:	`CAD98N_FESjxY0yj0xMrJqEHt+OjATrKM-Zagd5M+QLLoGXa5aQ@mail.gmail.com`

1	Hi folks, I have made another rsbac fixation patch to rsbac kernel 3.8
2
3	http://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-3.8.y.git;a=summary
4
5	and with PaX 3.8.13
6
7	http://grsecurity.net/test/pax-linux-3.8.13-test24.patch
8
9
10	I'm not sure if the stuff related with namei.c file is correct
11
12
13
14	#ifdef CONFIG_RSBAC_SYM_REDIR
15	rsbac_name = rsbac_symlink_redirect(dentry-
16	>d_inode, link, buflen);
17	if (rsbac_name) {
18	len = strlen(rsbac_name);
19	if (copy_to_user(buffer, rsbac_name, len))
20	len = -EFAULT;
21	kfree(rsbac_name);
22	}
23	else
24	#endif
25	if (len < sizeof(tmpbuf)) {
26	memcpy(tmpbuf, link, len);
27	newlink = tmpbuf;
28	} else
29	newlink = link;
30
31	if (copy_to_user(buffer, newlink, len))
32	len = -EFAULT;
33	out:
34	return len;
35	}
36
37	/*
38
39
40	PaX tries to do this modification to rsbac git code:
41
42	--- fs/namei.c 2013-03-19 01:53:21.091281869 +0100
43	+++ fs/namei.c 2013-03-19 01:53:31.251281326 +0100
44	@@ -3954,7 +3956,14 @@
45	len = strlen(link);
46	if (len > (unsigned) buflen)
47	len = buflen;
48	- if (copy_to_user(buffer, link, len))
49	+
50	+ if (len < sizeof(tmpbuf)) {
51	+ memcpy(tmpbuf, link, len);
52	+ newlink = tmpbuf;
53	+ } else
54	+ newlink = link;
55	+
56	+ if (copy_to_user(buffer, newlink, len))
57	len = -EFAULT;
58	out:
59	return len;
60
61	In fixation patch if CONFIG_RSBAC_SYM_REDIR is defined then test is:
62
63	if (copy_to_user(buffer, rsbac_name, len))
64	len = -EFAULT;
65
66	if you don't think this is correct any stuff is highly appreciated.

File name	MIME type
rsbac_pax_3.8.fixation.patch	text/x-patch

Subject	Author
Re: [gentoo-hardened] rsbac+pax fixation Patch to kernel 3.8	PaX Team <pageexec@×××××.com>