diff mbox series

[v2] selinux: pre-allocate the status page

Message ID 20240405155033.249321-1-cgoettsche@seltendoof.de (mailing list archive)
State Accepted
Delegated to: Paul Moore
Headers show
Series [v2] selinux: pre-allocate the status page | expand

Commit Message

Christian Göttsche April 5, 2024, 3:50 p.m. UTC 
From: Christian Göttsche <cgzones@googlemail.com>

Since the status page is currently only allocated on first use, the
sequence number of the initial policyload (i.e. 1) is not stored,
leading to the observable sequence of 0, 2, 3, 4, ...

Try to pre-allocate the status page during the initialization of the
selinuxfs, so selinux_status_update_policyload() will set the sequence
number.

This brings the status page to return the actual sequence number for the
initial policy load, which is also observable via the netlink socket.
I could not find any occurrence where userspace depends on the actual
value returned by selinux_status_policyload(3), thus the breakage should
be unnoticed.

Reported-by: Milos Malik
Closes: https://lore.kernel.org/selinux/87o7fmua12.fsf@redhat.com/
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
v2: ignore allocation failure
---
 security/selinux/selinuxfs.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Paul Moore April 30, 2024, 9:50 p.m. UTC | #1 
On Apr  5, 2024 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgoettsche@seltendoof.de> wrote:
> 
> Since the status page is currently only allocated on first use, the
> sequence number of the initial policyload (i.e. 1) is not stored,
> leading to the observable sequence of 0, 2, 3, 4, ...
> 
> Try to pre-allocate the status page during the initialization of the
> selinuxfs, so selinux_status_update_policyload() will set the sequence
> number.
> 
> This brings the status page to return the actual sequence number for the
> initial policy load, which is also observable via the netlink socket.
> I could not find any occurrence where userspace depends on the actual
> value returned by selinux_status_policyload(3), thus the breakage should
> be unnoticed.
> 
> Reported-by: Milos Malik
> Closes: https://lore.kernel.org/selinux/87o7fmua12.fsf@redhat.com/
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
> ---
> v2: ignore allocation failure
> ---
>  security/selinux/selinuxfs.c | 6 ++++++
>  1 file changed, 6 insertions(+)

Thanks Christian.  I trimmed out the 'Reported-by:' tag since there
wasn't an email listed and I wasn't sure if that would cause problems
with any tooling that digs through the git log (checkpatch.pl did
complain).  If any of the IBM/RH folks want to check with Milos and
make sure it is okay with him I'll re-add him to the commit metadata.

Merged into selinux/dev.

--
paul-moore.com
diff mbox series

Patch

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 7e9aa5d151b4..e172f182b65c 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -2163,6 +2163,12 @@  static int __init init_sel_fs(void)
 		return err;
 	}
 
+	/*
+	 * Try to pre-allocate the status page, so the sequence number of the
+	 * initial policy load can be stored.
+	 */
+	(void) selinux_kernel_status_page();
+
 	return err;
 }