On Tue, Dec 3, 2024 at 5:27 PM Thiébaud Weksteen tweek@google.com wrote:
When evaluating extended permissions, ignore unknown permissions instead of calling BUG(). This commit ensures that future permissions can be added without interfering with older kernels.
Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls") Cc: stable@vger.kernel.org Signed-off-by: Thiébaud Weksteen tweek@google.com
security/selinux/ss/services.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 971c45d576ba..2fa8aebcb2e5 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -979,7 +979,8 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd, return; break; default:
BUG();
// An unknown extended permission has been found. Ignore it.return;
There is also a BUG() call lower in the function when it generates the extended data, do you want to update/remove that as well?
It also seems like we should have a pr_warn_once() or pr_warn_ratelimited() message here to alert the admin of a mismatch between the policy and the kernel.
} if (node->key.specified == AVTAB_XPERMS_ALLOWED) {--