OpenCloudOS-Kernel/security
Konstantin Andreev b181e96e80 smack: unix sockets: fix accept()ed socket label
[ Upstream commit e86cac0acdb1a74f608bacefe702f2034133a047 ]

When a process accept()s connection from a unix socket
(either stream or seqpacket)
it gets the socket with the label of the connecting process.

For example, if a connecting process has a label 'foo',
the accept()ed socket will also have 'in' and 'out' labels 'foo',
regardless of the label of the listener process.

This is because kernel creates unix child sockets
in the context of the connecting process.

I do not see any obvious way for the listener to abuse
alien labels coming with the new socket, but,
to be on the safe side, it's better fix new socket labels.

Signed-off-by: Konstantin Andreev <andreev@swemel.ru>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-09-12 11:11:29 +02:00
..
apparmor apparmor: fix possible NULL pointer dereference 2024-09-08 07:54:40 +02:00
bpf selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
integrity evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00
keys task_work: s/task_work_cancel()/task_work_cancel_func()/ 2024-08-03 08:54:16 +02:00
landlock landlock: Don't lose track of restrictions on cred_transfer 2024-08-03 08:54:11 +02:00
loadpin LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by 2023-08-25 16:07:30 -07:00
lockdown selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
safesetid SafeSetID: fix UID printed instead of GID 2023-06-20 20:26:00 -04:00
selinux selinux,smack: don't bypass permissions check in inode_setsecctx hook 2024-09-04 13:28:24 +02:00
smack smack: unix sockets: fix accept()ed socket label 2024-09-12 11:11:29 +02:00
tomoyo tomoyo: fix UAF write bug in tomoyo_write_control() 2024-03-06 14:48:39 +00:00
yama sysctl-6.4-rc1 2023-04-27 16:52:33 -07:00
Kconfig mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATOR 2023-05-24 15:38:17 +02:00
Kconfig.hardening hardening: Move BUG_ON_DATA_CORRUPTION to hardening options 2023-08-15 14:57:25 -07:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
commoncap.c lsm: constify the 'target' parameter in security_capget() 2023-08-08 16:48:47 -04:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c security: convert to ctime accessor functions 2023-07-24 10:30:08 +02:00
lsm_audit.c lsm: fix a number of misspellings 2023-05-25 17:52:15 -04:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c evm: don't copy up 'security.evm' xattr 2024-08-29 17:33:31 +02:00