forked from luck/tmp_suning_uos_patched
tomoyo: Add a kernel config option for fuzzing testing.
syzbot is reporting kernel panic triggered by memory allocation fault injection before loading TOMOYO's policy [1]. To make the fuzzing tests useful, we need to assign a profile other than "disabled" (no-op) mode. Therefore, let's allow syzbot to load TOMOYO's built-in policy for "learning" mode using a kernel config option. This option must not be enabled for kernels built for production system, for this option also disables domain/program checks when modifying policy configuration via /sys/kernel/security/tomoyo/ interface. [1] https://syzkaller.appspot.com/bug?extid=29569ed06425fcf67a95 Reported-by: syzbot <syzbot+e1b8084e532b6ee7afab@syzkaller.appspotmail.com> Reported-by: syzbot <syzbot+29569ed06425fcf67a95@syzkaller.appspotmail.com> Reported-by: syzbot <syzbot+2ee3f8974c2e7dc69feb@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jamorris@linux.microsoft.com>
This commit is contained in:
parent
1fb3b526df
commit
e80b18599a
|
@ -74,3 +74,13 @@ config SECURITY_TOMOYO_ACTIVATION_TRIGGER
|
|||
You can override this setting via TOMOYO_trigger= kernel command line
|
||||
option. For example, if you pass init=/bin/systemd option, you may
|
||||
want to also pass TOMOYO_trigger=/bin/systemd option.
|
||||
|
||||
config SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
|
||||
bool "Use insecure built-in settings for fuzzing tests."
|
||||
default n
|
||||
depends on SECURITY_TOMOYO
|
||||
select SECURITY_TOMOYO_OMIT_USERSPACE_LOADER
|
||||
help
|
||||
Enabling this option forces minimal built-in policy and disables
|
||||
domain/program checks for run-time policy modifications. Please enable
|
||||
this option only if this kernel is built for doing fuzzing tests.
|
||||
|
|
|
@ -940,7 +940,7 @@ static bool tomoyo_manager(void)
|
|||
const char *exe;
|
||||
const struct task_struct *task = current;
|
||||
const struct tomoyo_path_info *domainname = tomoyo_domain()->domainname;
|
||||
bool found = false;
|
||||
bool found = IS_ENABLED(CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING);
|
||||
|
||||
if (!tomoyo_policy_loaded)
|
||||
return true;
|
||||
|
@ -2810,6 +2810,16 @@ void tomoyo_check_profile(void)
|
|||
*/
|
||||
void __init tomoyo_load_builtin_policy(void)
|
||||
{
|
||||
#ifdef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
|
||||
static char tomoyo_builtin_profile[] __initdata =
|
||||
"PROFILE_VERSION=20150505\n"
|
||||
"0-CONFIG={ mode=learning grant_log=no reject_log=yes }\n";
|
||||
static char tomoyo_builtin_exception_policy[] __initdata =
|
||||
"aggregator proc:/self/exe /proc/self/exe\n";
|
||||
static char tomoyo_builtin_domain_policy[] __initdata = "";
|
||||
static char tomoyo_builtin_manager[] __initdata = "";
|
||||
static char tomoyo_builtin_stat[] __initdata = "";
|
||||
#else
|
||||
/*
|
||||
* This include file is manually created and contains built-in policy
|
||||
* named "tomoyo_builtin_profile", "tomoyo_builtin_exception_policy",
|
||||
|
@ -2817,6 +2827,7 @@ void __init tomoyo_load_builtin_policy(void)
|
|||
* "tomoyo_builtin_stat" in the form of "static char [] __initdata".
|
||||
*/
|
||||
#include "builtin-policy.h"
|
||||
#endif
|
||||
u8 i;
|
||||
const int idx = tomoyo_read_lock();
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user