On Wed, Jun 12, 2019 at 3:37 AM Ondrej Mosnacek <omosnace@redhat.com> wrote:
> On Wed, Jun 12, 2019 at 12:56 AM Paul Moore
> <paul@paul-moore.com> wrote:
> > On Tue, Jun 11, 2019 at 4:07 AM Ondrej Mosnacek <omosnace@redhat.com> wrote:
> > > These strings may come from untrusted sources (e.g. file xattrs) so they
> > > need to be properly escaped.
> > >
> > > Reproducer:
> > > # setenforce 0
> > > # touch /tmp/test
> > > # setfattr -n security.selinux -v 'kuřecí řízek' /tmp/test
> > > # runcon system_u:system_r:sshd_t:s0 cat /tmp/test
> > > (look at the generated AVCs)
> > >
> > > Actual result:
> > > type=AVC [...] trawcon=kuřecí řízek
> > >
> > > Expected result:
> > > type=AVC [...] trawcon=6B75C5996563C3AD20C599C3AD7A656B
> > >
> > > Fixes: fede148324c3 ("selinux: log invalid contexts in AVCs")
> > > Cc: stable@vger.kernel.org # v5.1+
> > > Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
> > > ---
> > > security/selinux/avc.c | 10 ++++++++--
> > > 1 file changed, 8 insertions(+), 2 deletions(-)
> >
> > Thanks, the patch looks fine to me, but it is borderline -stable
> > material in my opinion. I'll add it to the stable-5.2 branch, but in
> > the future I would prefer if you left the stable marking off patches
> > and sent a reply discussing *why* this should go to stable so we can
> > discuss it. I realize Greg likes to pull a lot of stuff into stable,
> > but I try to be a bit more conservative about what gets marked. Even
> > the simplest fix can still break things :)
> OK, I was a bit unsure whether to mark it as stable or not and
> eventually inclined to do so... I'll try to be more careful about it in
> the future.
If it makes you feel better, it's not that big of a deal, I just felt
it was worth mentioning since we've been doing a bit of a "best
practices for submitting SELinux kernel patches" on the mailing list
lately and I felt this was worth mentioning. The basic idea is that I
think marking something for stable shouldn't be taken lightly and it
is worth a discussion, even if it is short.
--
paul moore
www.paul-moore.com
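The escaping the commit message asks for, as an added userspace example (not the kernel's code and not the patch itself): the rule the kernel's audit_string_contains_control() applies is reimplemented here, so any string containing a double quote, a byte below 0x21 or a byte above 0x7e is logged as uppercase hex and everything else is quoted verbatim. The sample inputs are constructed, and the reproducer's xattr value reproduces the expected hex from the commit message.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Same rule as the kernel's audit_string_contains_control(): a double quote,
 * a byte below 0x21 (controls and space) or above 0x7e (non-ASCII, such as
 * the UTF-8 bytes of "kuřecí řízek") makes the string untrusted. */
static bool contains_control(const char *s, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '"' || c < 0x21 || c > 0x7e)
            return true;
    }
    return false;
}

/* Render an untrusted value for an audit record: clean strings are quoted,
 * anything else is emitted as hex so a crafted xattr cannot inject fake
 * key=value fields or line breaks into the AVC record.
 * Returns 1 if hex was used, 0 if quoted, -1 if out is too small. */
int audit_escape(const char *s, size_t len, char *out, size_t outlen)
{
    if (contains_control(s, len)) {
        if (outlen < 2 * len + 1)
            return -1;
        for (size_t i = 0; i < len; i++)
            snprintf(out + 2 * i, 3, "%02X", (unsigned char)s[i]);
        return 1;
    }
    if (outlen < len + 3)
        return -1;
    out[0] = '"';
    memcpy(out + 1, s, len);
    out[len + 1] = '"';
    out[len + 2] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed inputs: the reproducer's xattr value, a valid context
     * and a value that would otherwise look like extra audit fields. */
    const char *samples[] = { "kuřecí řízek", "system_u:system_r:sshd_t:s0",
                              "tcontext=x permissive=1" };
    char buf[128];
    for (size_t i = 0; i < 3; i++) {
        int r = audit_escape(samples[i], strlen(samples[i]), buf, sizeof buf);
        printf("trawcon=%s (%s)\n", buf, r == 1 ? "hex" : "quoted");
    }
    return 0;
}
```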