[tomoyo-dev-en 79] Re: Patch for Grsecurity


Tetsuo Handa from-****@I-lov*****
Thu Jan 13 17:52:15 JST 2011


Jamie Nguyen wrote:
>                             I would appreciate it if you could take a
> look at the patch, as I was wondering if there are any serious
> concerns about using both of these patches together? I am not sure if
> they would do something unexpected and actually result in a huge
> security flaw.

I have no known issues with using both at the same time.

I don't know how to use grsecurity. My worry is that the grsecurity
patch would let an application repeat calling recv(MSG_PEEK) forever
(i.e. a CPU consumption loop in userland) due to
  
  try_again:
          skb = __skb_recv_datagram(sk, flags | (noblock ? MSG_DONTWAIT : 0),
                                    &peeked, &err);
          if (!skb)
                  goto out;
          if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
                  err = -EAGAIN; /* Hope less harmful than -EPERM. */
                  goto out;
          }
  
          err = gr_search_udp_recvmsg(sk, skb);
          if (err)
                  goto out_free;
  (...snipped...)
  out_free:
          skb_free_datagram_locked(sk, skb);
  out:
          return err;

(in file net/ipv4/udp.c) if the application did not close the socket upon error.
(TOMOYO calls skb_kill_datagram() in ccs_socket_post_recvmsg_permission()
 upon error in order to avoid the CPU consumption pitfall).

Anyway, in the trunk/1.8.x/ccs-patch/patches/ directory, ccs-patch for
2.6.32.28+grsecurity and 2.6.36.3+grsecurity are ready. (revision 4358)

Regards.
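
A userland model of the concern raised in the message above, added here as an example; it is not code from the mailing list, the kernel, or either patch, and the queue layout, `deny_action` and the function names are hypothetical. It compares a denial path that leaves a peeked datagram at the head of the queue with one that unlinks it, as the message says TOMOYO does via skb_kill_datagram().

```c
/* Userland model (constructed; not kernel code) of a UDP receive queue
 * read with recv(MSG_PEEK). All names here are hypothetical. */
#include <stdio.h>
#include <stddef.h>

enum deny_action { DENY_FREE_ONLY, DENY_KILL };

struct dgram { int id; int denied; };
struct rxq { struct dgram q[4]; size_t head, tail; };

/* One peek: returns the datagram id, 0 if the queue is empty,
 * or -1 if the datagram at the head was denied by policy. */
static int model_recv_peek(struct rxq *rq, enum deny_action act)
{
    if (rq->head == rq->tail)
        return 0;
    struct dgram *d = &rq->q[rq->head];
    if (d->denied) {
        /* DENY_KILL models skb_kill_datagram(): unlink even under MSG_PEEK.
         * DENY_FREE_ONLY models dropping only the reference, so the
         * datagram stays at the head of the queue. */
        if (act == DENY_KILL)
            rq->head++;
        return -1;
    }
    return d->id; /* a permitted peek also leaves the datagram queued */
}

/* Application loop: peek, retry on error, consume on success.
 * Returns the number of peeks needed to drain the queue, or -1 if
 * the budget ran out first (the busy loop). */
static int drain_with_peek(enum deny_action act, int budget)
{
    /* Constructed sample queue: datagram 2 is denied by policy. */
    struct rxq rq = { .q = { {1, 0}, {2, 1}, {3, 0} }, .head = 0, .tail = 3 };
    for (int calls = 1; calls <= budget; calls++) {
        int r = model_recv_peek(&rq, act);
        if (r == 0)
            return calls;
        if (r > 0)
            rq.head++; /* follow-up recv() without MSG_PEEK consumes it */
    }
    return -1;
}

int main(void)
{
    printf("kill on deny:      %d\n", drain_with_peek(DENY_KILL, 1000));
    printf("free only on deny: %d\n", drain_with_peek(DENY_FREE_ONLY, 1000));
    return 0;
}
```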
