selinux: log raw contexts as untrusted strings
These strings may come from untrusted sources (e.g. file xattrs) so they
need to be properly escaped.
Reproducer:
# setenforce 0
# touch /tmp/test
# setfattr -n security.selinux -v 'kuřecí řízek' /tmp/test
# runcon system_u:system_r:sshd_t:s0 cat /tmp/test
(look at the generated AVCs)
Actual result:
type=AVC [...] trawcon=kuřecí řízek
Expected result:
type=AVC [...] trawcon=6B75C5996563C3AD20C599C3AD7A656B
Fixes: fede148324
("selinux: log invalid contexts in AVCs")
Cc: stable@vger.kernel.org # v5.1+
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Родитель
05174c95b8
Коммит
aff7ed4851
|
@ -739,14 +739,20 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a)
|
|||
rc = security_sid_to_context_inval(sad->state, sad->ssid, &scontext,
|
||||
&scontext_len);
|
||||
if (!rc && scontext) {
|
||||
audit_log_format(ab, " srawcon=%s", scontext);
|
||||
if (scontext_len && scontext[scontext_len - 1] == '\0')
|
||||
scontext_len--;
|
||||
audit_log_format(ab, " srawcon=");
|
||||
audit_log_n_untrustedstring(ab, scontext, scontext_len);
|
||||
kfree(scontext);
|
||||
}
|
||||
|
||||
rc = security_sid_to_context_inval(sad->state, sad->tsid, &scontext,
|
||||
&scontext_len);
|
||||
if (!rc && scontext) {
|
||||
audit_log_format(ab, " trawcon=%s", scontext);
|
||||
if (scontext_len && scontext[scontext_len - 1] == '\0')
|
||||
scontext_len--;
|
||||
audit_log_format(ab, " trawcon=");
|
||||
audit_log_n_untrustedstring(ab, scontext, scontext_len);
|
||||
kfree(scontext);
|
||||
}
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче