teknoraver / rpms / systemd

Forked from rpms/systemd 3 months ago
Clone

Blame 0090-selinux-fix-SEGV-during-switch-root-if-SELinux-polic.patch

Zbigniew Jędrzejewski-Szmek 399a2a
From 19e98bf405a8105db71a4e3247b0397509825a6e Mon Sep 17 00:00:00 2001
Zbigniew Jędrzejewski-Szmek 399a2a
From: Will Woods <wwoods@redhat.com>
Zbigniew Jędrzejewski-Szmek 399a2a
Date: Fri, 13 Mar 2015 17:24:46 -0400
Zbigniew Jędrzejewski-Szmek 399a2a
Subject: [PATCH] selinux: fix SEGV during switch-root if SELinux policy loaded
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
If you've got SELinux policy loaded, label_hnd is your labeling handle.
Zbigniew Jędrzejewski-Szmek 399a2a
When systemd is shutting down, we free that handle via mac_selinux_finish().
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
But: switch_root() calls mkdir_p_label(), which tries to look up a label
Zbigniew Jędrzejewski-Szmek 399a2a
using that freed handle, and so we get a bunch of garbage and eventually
Zbigniew Jędrzejewski-Szmek 399a2a
SEGV in libselinux.
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
(This doesn't happen in the switch-root from initramfs to real root because
Zbigniew Jędrzejewski-Szmek 399a2a
there's no SELinux policy loaded in initramfs, so label_hnd is NULL and we
Zbigniew Jędrzejewski-Szmek 399a2a
never attempt any lookups.)
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
So: make sure that mac_selinux_finish() actually sets label_hnd to NULL, so
Zbigniew Jędrzejewski-Szmek 399a2a
nobody tries to use it after it becomes invalid.
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
https://bugzilla.redhat.com/show_bug.cgi?id=1185604
Zbigniew Jędrzejewski-Szmek 399a2a
(cherry picked from commit f5ce2b49585a14cefb6d02f61c8dcdf7628a8605)
Zbigniew Jędrzejewski-Szmek 399a2a
---
Zbigniew Jędrzejewski-Szmek 399a2a
 src/shared/selinux-util.c | 1 +
Zbigniew Jędrzejewski-Szmek 399a2a
 1 file changed, 1 insertion(+)
Zbigniew Jędrzejewski-Szmek 399a2a
Zbigniew Jędrzejewski-Szmek 399a2a
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c
Zbigniew Jędrzejewski-Szmek 399a2a
index a2233e0cfb..a46ddf8498 100644
Zbigniew Jędrzejewski-Szmek 399a2a
--- a/src/shared/selinux-util.c
Zbigniew Jędrzejewski-Szmek 399a2a
+++ b/src/shared/selinux-util.c
Zbigniew Jędrzejewski-Szmek 399a2a
@@ -117,6 +117,7 @@ void mac_selinux_finish(void) {
Zbigniew Jędrzejewski-Szmek 399a2a
                 return;
Zbigniew Jędrzejewski-Szmek 399a2a
 
Zbigniew Jędrzejewski-Szmek 399a2a
         selabel_close(label_hnd);
Zbigniew Jędrzejewski-Szmek 399a2a
+        label_hnd = NULL;
Zbigniew Jędrzejewski-Szmek 399a2a
 #endif
Zbigniew Jędrzejewski-Szmek 399a2a
 }
Zbigniew Jędrzejewski-Szmek 399a2a