Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-06 05:06:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5071beb59e
linux-stable/security
History
Tetsuo Handa 5153497611 tomoyo: fallback to realpath if symlink's pathname does not exist 
commit ada1986d07 upstream.

Alfred Agrell found that TOMOYO cannot handle execveat(AT_EMPTY_PATH)
inside chroot environment where /dev and /proc are not mounted, for
commit 51f39a1f0c ("syscalls: implement execveat() system call") missed
that TOMOYO tries to canonicalize argv[0] when the filename fed to the
executed program as argv[0] is supplied using potentially nonexistent
pathname.

Since "/dev/fd/<fd>" already lost symlink information used for obtaining
that <fd>, it is too late to reconstruct symlink's pathname. Although
<filename> part of "/dev/fd/<fd>/<filename>" might not be canonicalized,
TOMOYO cannot use tomoyo_realpath_nofollow() when /dev or /proc is not
mounted. Therefore, fallback to tomoyo_realpath_from_path() when
tomoyo_realpath_nofollow() failed.

Reported-by: Alfred Agrell <blubban@gmail.com>
Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082001
Fixes: 51f39a1f0c ("syscalls: implement execveat() system call")
Cc: stable@vger.kernel.org # v3.19+
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-10-17 15:22:00 +02:00
..
apparmor apparmor: fix possible NULL pointer dereference 2024-09-08 07:53:07 +02:00
bpf bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0 2024-10-17 15:21:27 +02:00
integrity ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:47:16 +02:00
keys task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-08-03 08:49:33 +02:00
landlock landlock: Don't lose track of restrictions on cred_transfer 2024-08-03 08:49:29 +02:00
loadpin LoadPin: Ignore the "contents" argument of the LSM hooks 2022-12-31 13:33:07 +01:00
lockdown lockdown: ratelimit denial messages 2022-09-14 07:37:50 -04:00
safesetid LSM: SafeSetID: Add setgroups() security policy handling 2022-07-15 18:24:42 +00:00
selinux selinux,smack: don't bypass permissions check in inode_setsecctx hook 2024-10-17 15:21:15 +02:00
smack selinux,smack: don't bypass permissions check in inode_setsecctx hook 2024-10-17 15:21:15 +02:00
tomoyo tomoyo: fallback to realpath if symlink's pathname does not exist 2024-10-17 15:22:00 +02:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
commoncap.c capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2022-10-28 06:44:33 -04:00
device_cgroup.c device_cgroup: Roll back to original exceptions after copy failure 2023-01-07 11:11:56 +01:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig proc: add config & param to block forcing mem writes 2024-10-17 15:21:39 +02:00
Kconfig.hardening randstruct: disable Clang 15 support 2023-02-25 11:25:43 +01:00
lsm_audit.c lsm: clean up redundant NULL pointer check 2022-08-15 22:44:01 -04:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:47:16 +02:00