Re: [PATCH] selinux: log raw contexts as untrusted strings

On 2019-06-11 10:07, Ondrej Mosnacek wrote:

These strings may come from untrusted sources (e.g. file xattrs) so they need to be properly escaped.

Reproducer: # setenforce 0 # touch /tmp/test # setfattr -n security.selinux -v 'kuřecí řízek' /tmp/test # runcon system_u:system_r:sshd_t:s0 cat /tmp/test (look at the generated AVCs)

Actual result: type=AVC [...] trawcon=kuřecí řízek

Expected result: type=AVC [...] trawcon=6B75C5996563C3AD20C599C3AD7A656B

Fixes: fede148324c3 ("selinux: log invalid contexts in AVCs") Cc: stable@vger.kernel.org # v5.1+ Signed-off-by: Ondrej Mosnacek omosnace@redhat.com

Acked-by: Richard Guy Briggs rgb@redhat.com

---

security/selinux/avc.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 8346a4f7c5d7..a99be508f93d 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -739,14 +739,20 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a) rc = security_sid_to_context_inval(sad->state, sad->ssid, &scontext, &scontext_len); if (!rc && scontext) {

• audit_log_format(ab, " srawcon=%s", scontext);
  

• if (scontext_len && scontext[scontext_len - 1] == '\0')
  

• 	scontext_len--;
  

• audit_log_format(ab, " srawcon=");
  

• audit_log_n_untrustedstring(ab, scontext, scontext_len);
  

  kfree(scontext); }

rc = security_sid_to_context_inval(sad->state, sad->tsid, &scontext, &scontext_len); if (!rc && scontext) {

• audit_log_format(ab, " trawcon=%s", scontext);
  

• if (scontext_len && scontext[scontext_len - 1] == '\0')
  

• 	scontext_len--;
  

• audit_log_format(ab, " trawcon=");
  

• audit_log_n_untrustedstring(ab, scontext, scontext_len);
  

  kfree(scontext); }

}

2.20.1

-- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit

- RGB

-- Richard Guy Briggs rgb@redhat.com Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635