[PATCH 0/2] Version 9 (2.6.24-rc1) Smack: Simplified Mandatory Access Control Kernel

Previous thread: Is gcc thread-unsafe? by Nick Piggin on Wednesday, October 24, 2007 - 11:24 pm. (34 messages)

Next thread: [PATCH 1/2] [NetLabel] Introduce a new kernel configuration API for NetLabel - Version 9 (2.6.24-rc1) Smack: Simplified Mandatory Access Control Kernel by Casey Schaufler on Wednesday, October 24, 2007 - 11:46 pm. (1 message)
To: <akpm@...>, <torvalds@...>
Cc: <linux-security-module@...>, <linux-kernel@...>
Date: Wednesday, October 24, 2007 - 11:46 pm

The Smack patch and Paul Moore's netlabel API patch,
together for 2.6.24-rc1. Paul's changes are identical
to the previous posting, but it's been a while so they're
here again.

The sole intent of change has been to address locking
and/or list processing issues. Please don't hesitate to
point out any problems that you might see or suggest
alternatives where things might not be to your liking.

This version is aimed at 2.6.24, and has been tested
against 2.6.24-rc1.

Thank you again.
-

To: <casey@...>
Cc: <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>, <viro@...>
Date: Thursday, November 1, 2007 - 11:54 am

Hi Casey/Al/all,

A patch that utilizes Al Viro's concerns on previous smack parser
and solves previous parser bugs discovered by Ahmed Darwish. By now,
no problem will occur if given smack rules are fragmented over
multiple write() calls.

CC: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
---

A similar patch for parsing CIPSO rules will be sent soon.

diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 88b3f7b..9b56281 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -67,6 +67,39 @@ static int smack_cipso_count;
struct smk_list_entry *smack_list;

/*
+ * Disable concurrent writing open() operations
+ */
+static struct semaphore smack_write_sem;
+
+/*
+ * States for parsing /smack/load rules
+ */
+enum load_state {
+ subject = 0,
+ object = 1,
+ access = 2,
+ eol = 3,
+};
+
+/*
+ * Represent current parsing state of /smack/load. Struct
+ * also stores data needed between an open-release session's
+ * multiple write() calls
+ */
+static struct smack_load_state {
+ enum load_state state;
+ struct smack_rule rule;
+ int label_len;
+ char subject[SMK_LABELLEN];
+ char object[SMK_LABELLEN];
+} *load_state;
+
+static inline int isblank(char c)
+{
+ return (c == ' ' || c == '\t');
+}
+
+/*
* Seq_file read operations for /smack/load
*/

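Review bot: the parse state is one file-scope pointer (static struct smack_load_state { ... } *load_state;) although its own comment says it holds data for a single open-release session, so correctness rests entirely on smack_write_sem admitting one writer at a time. Hanging the struct off file->private_data for write opens would tie its lifetime to the open file and remove the global. Two smaller points in the same hunk: the enumerators subject, object, access and eol are generic lowercase names at file scope that repeat the struct's own subject and object members (and the variable load_state repeats the enum tag), so prefixed upper-case constants would read better; and isblank() reuses the name of the C99 library function, where an smk_ prefix would avoid any clash. The initialisation of smack_write_sem is not visible here and should be checked.
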
@@ -127,12 +160,43 @@ static struct seq_operations load_seq_ops = {
* @inode: inode structure representing file
* @file: "load" file pointer
*
- * Connect our load_seq_* operations with /smack/load
- * file_operations
+ * For reading, use load_seq_* seq_file reading operations.
+ * For writing, prepare a load_state struct to parse
+ * incoming rules.
*/
static int smk_open_load(struct inode *inode, struct file *file)
{
- return seq_open(file, &load_seq_ops);
+ if ((file->f_flags & O_ACCMODE) == O_RDONLY)
+ return seq_open(file, &load_seq_ops);
+
+ if (do...
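
Review bot: the mode test at the top of smk_open_load() sends only O_RDONLY opens to seq_open(), so an O_RDWR open falls through to the write set-up and never gets a seq_file; if read() on this file goes through the seq_file code (the file_operations are not in this hunk), that descriptor would have nothing valid to read from. Either reject O_RDWR explicitly or set up both sides for it, and consider testing file->f_mode & FMODE_WRITE instead of comparing f_flags against O_RDONLY. The updated kernel-doc comment should also say what a second writer gets back when it opens the file while a load is in progress. The function is cut off after "if (do...", so the error paths cannot be checked here.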

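What the message above promises, rules that survive being fragmented over multiple write() calls, shown as an added user-space example (not code from the patch or from Smack). It is a resumable four-state parser whose states and blank test mirror the hunk above; struct parser, feed() and the LABELLEN value of 24 are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define LABELLEN 24 /* assumed; the page does not give SMK_LABELLEN's value */

enum pstate { ST_SUBJECT, ST_OBJECT, ST_ACCESS, ST_EOL };

struct parser {                 /* lives for one open()..release() session */
    enum pstate state;
    size_t len;                 /* bytes stored in the current field */
    int bad;                    /* current line is malformed */
    int rules, rejected;        /* totals across all fragments */
    char field[3][LABELLEN];    /* subject, object, access; always NUL-terminated */
};

static int is_blank(char c) { return c == ' ' || c == '\t'; }

/* Consume one write()-sized fragment; all progress is kept in *p. */
static void feed(struct parser *p, const char *buf, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        char c = buf[i];
        if (c == '\n') {
            int done = p->state == ST_EOL || (p->state == ST_ACCESS && p->len);
            if (done && !p->bad)
                p->rules++;         /* a real loader would install the rule here */
            else if (p->state != ST_SUBJECT || p->len)
                p->rejected++;      /* truncated, over-long or extra token */
            p->state = ST_SUBJECT; p->len = 0; p->bad = 0;
        } else if (p->bad) {
            continue;               /* discard the rest of a bad line */
        } else if (is_blank(c)) {
            if (p->state != ST_EOL && p->len) {
                p->state++;         /* field finished, move to the next */
                p->len = 0;
            }
        } else if (p->state == ST_EOL || p->len + 1 >= LABELLEN) {
            p->bad = 1;             /* extra token, or field would overflow */
        } else {
            p->field[p->state][p->len++] = c;
            p->field[p->state][p->len] = '\0';
        }
    }
}

int main(void)
{
    struct parser p = {0};
    const char *frag[] = { "subj", "ect1 obj", "ect1 rw", "x\n" }; /* constructed */
    for (int i = 0; i < 4; i++)
        feed(&p, frag[i], strlen(frag[i]));
    return p.rules == 1 ? 0 : 1;
}
```
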
To: Ahmed S. Darwish <darwish.07@...>
Cc: <casey@...>, <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>, <viro@...>
Date: Thursday, November 1, 2007 - 1:29 pm

i++ w/o space
-

To: Jan Engelhardt <jengelh@...>
Cc: <casey@...>, <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>, <viro@...>
Date: Friday, November 2, 2007 - 2:50 pm

isspace accepts newlines and carriage-returns too which is not

Notes Taken. Thanks for the review.

Regards,

Darwish
-

To: <casey@...>
Cc: <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>
Date: Saturday, October 27, 2007 - 9:57 am

With both of these patches applied to 2.6.24-rc1 I get the following
oops when nfsd starts:

BUG: unable to handle kernel NULL pointer dereference at virtual address 0000013c
printing eip: c01d7e39 *pde = 00000000
Oops: 0000 [#1] SMP

Pid: 4094, comm: lockd Not tainted (2.6.24-rc1 #3)
EIP: 0060:[<c01d7e39>] EFLAGS: 00010246 CPU: 0
EIP is at smack_socket_post_create+0x46/0xd2
EAX: c19440c0 EBX: 00000000 ECX: 00000001 EDX: c168ddd8
ESI: 00000002 EDI: 00000000 EBP: 00000006 ESP: c168ddd8
DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
Process lockd (pid: 4094, ti=c168c000 task=c1577ab0 task.ti=c168c000)
Stack: c1464c00 c01d7ac6 c19440e8 c01d4fb4 c016544c c038c660 c19440c0 00000001
       c01d53eb 00000006 00000001 fffffff4 c0283374 00000006 00000001 00000002
       c1944540 c168df34 c1944540 00000800 c02833b6 c168df34 c1944540 c2039d8c
Call Trace:
[<c01d7ac6>] smack_inode_alloc_security+0x14/0x24
[<c01d4fb4>] security_inode_alloc+0x16/0x17
[<c016544c>] alloc_inode+0x118/0x170
[<c01d53eb>] security_socket_post_create+0x1f/0x23
[<c0283374>] sock_create_lite+0x4d/0x6c
[<c02833b6>] kernel_accept+0x23/0x5a
[<c02d8aac>] svc_tcp_recvfrom+0xf9/0x7e7
[<c0120be5>] run_timer_softirq+0x2f/0x154
[<c01125df>] __update_rq_clock+0x19/0x156
[<c012e30c>] clocksource_get_next+0x39/0x3f
[<c012d55b>] update_wall_time+0x54b/0x6af
[<c02e2852>] schedule+0x575/0x58f
[<c02d87c1>] svc_udp_recvfrom+0x175/0x367
[<c01279fc>] __rcu_process_callbacks+0xeb/0x153
[<c02e294d>] schedule_timeout+0x13/0x8d
[<c02d7b4d>] svc_sock_release+0xdd/0x149
[<c02d8596>] svc_recv+0x2df/0x395
[<c0103078>] apic_timer_interrupt+0x28/0x30
[<c0114e8f>] default_wake_function+0x0/0x8
[<c01c881c>] lockd+0xe3/0x1f3
[<c0116fa2>] schedule_tail+0x18/0x52
[<c01024f6>] ret_from_fork+0x6/0x1c
[<c01c8739>] lockd+0x0/0x1f3
[<c01c8739>] lockd+0x0/0x1f3
[<c0103...

To: Joshua Brindle <method@...>, <casey@...>
Cc: <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>
Date: Saturday, October 27, 2007 - 2:47 pm

Thanks for the bug report. I have just discovered that it is possible
to have a virtual disk go virtually bad under VMware. I will be
looking at this as soon as I recover.

Casey Schaufler
casey@schaufler-ca.com
-

To: <casey@...>
Cc: <akpm@...>, <torvalds@...>, <linux-security-module@...>, <linux-kernel@...>
Date: Friday, October 26, 2007 - 10:57 am

For some reason I didn't get 2/2 so I can't make an inline comment but
one thing I noticed while trying to build a smack kernel is that smack
has a kconfig dependency on NETLABEL and SECURITY_NETWORK. This is
unfortunate because user X wanting to try out smack won't see it in the
config until he goes and enables those things (which he wouldn't know
about without reading the smack Kconfig). It would be nice if those were
selects instead.

-
