On Tue, Feb 28, 2006 at 05:37:40PM -0600, Dustin Kirkland wrote:
> As I understand it, the code as it stands in Viro's git tree performs
> all of (a), (b), (c), and (d) sufficiently for collecting the context
> of IPC objects, as well as the subject contexts of the initiating
> syscalls for LSPP certification.
Please take a closer look at the code. The function that is
collecting the ipc object label -- audit_ipc_context() -- is called in
two places: audit_ipc_perms() and ipcperms().
audit_ipc_perms() is invoked during the following operations:
msgctl - IPC_SET
semctl - IPC_SET
shmctl - IPC_SET
ipcperms() is invoked during the following operations:
msgctl - IPC_STAT
msgsnd
msgrcv
semget
semctl - SEM_STAT
semctl - SETALL
semtimedop
shmget
shmctl - IPC_STAT
shmat
If you remove the audit_ipc_context() call from ipcperms() you will
not be collecting object labels for the second set of operations.
This does not meet LSPP requirements.
Your patch claims to collect object labels for ipc operations. But
since it only attaches the label to the audit context for the IPC_SET
calls, it does not do what it claims. At a minimum, your patch needs
to be fixed to attach the object label to the audit context for the
second set of operations.
Regards,
Amy
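The second set of operations above, exercised from user space so that each resulting audit record can be checked for an object label (an added example, not code from the thread or from the kernel tree). It assumes Linux SysV IPC; SEM_STAT is omitted, and semop() is used because the kernel routes it through the semtimedop path.

```c
/* Added example: drive every SysV IPC operation in the "ipcperms()" set
 * listed above (msgctl IPC_STAT, msgsnd, msgrcv, semget, semctl SETALL,
 * semop/semtimedop, shmget, shmctl IPC_STAT, shmat) on IPC_PRIVATE objects,
 * then remove them. Returns 0 on success, -1 on the first failure, so the
 * audit log can be compared against a known sequence of operations. */
#include <stddef.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include <sys/sem.h>
#include <sys/shm.h>

union semun { int val; struct semid_ds *buf; unsigned short *array; };
struct msg { long mtype; char mtext[16]; };

int exercise_ipcperms_paths(void)
{
    int rc = -1;
    struct msg m = { 1, "label-check" };      /* constructed message */
    struct msqid_ds mq;
    struct shmid_ds sh;
    unsigned short vals[1] = { 0 };
    union semun arg = { .array = vals };
    struct sembuf op = { 0, 1, 0 };
    void *p = (void *)-1;
    int q = msgget(IPC_PRIVATE, IPC_CREAT | 0600);       /* msgget */
    int s = semget(IPC_PRIVATE, 1, IPC_CREAT | 0600);    /* semget */
    int h = shmget(IPC_PRIVATE, 4096, IPC_CREAT | 0600); /* shmget */

    if (q < 0 || s < 0 || h < 0) goto out;
    if (msgctl(q, IPC_STAT, &mq) < 0) goto out;              /* msgctl IPC_STAT */
    if (msgsnd(q, &m, sizeof m.mtext, 0) < 0) goto out;      /* msgsnd */
    if (msgrcv(q, &m, sizeof m.mtext, 1, 0) < 0) goto out;   /* msgrcv */
    if (semctl(s, 0, SETALL, arg) < 0) goto out;             /* semctl SETALL */
    if (semop(s, &op, 1) < 0) goto out;                      /* semtimedop path */
    if (shmctl(h, IPC_STAT, &sh) < 0) goto out;              /* shmctl IPC_STAT */
    p = shmat(h, NULL, 0);                                   /* shmat */
    if (p == (void *)-1) goto out;
    rc = 0;
out:
    /* Clean up so repeated runs do not leak kernel IPC objects. */
    if (p != (void *)-1) shmdt(p);
    if (q >= 0) msgctl(q, IPC_RMID, NULL);
    if (s >= 0) semctl(s, 0, IPC_RMID);
    if (h >= 0) shmctl(h, IPC_RMID, NULL);
    return rc;
}
```

Run it under an audit rule that watches these syscalls and confirm that every record for the run, not only the IPC_SET ones, carries the object label.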