Bug 1613056
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | BUG: SELinux does not skip mmap/PROT_EXEC checks for internal files when invoking shmat(2) | | |
| Product | Red Hat Enterprise Linux 7 | Reporter | Paul Moore <pmoore> |
| Component | kernel | Assignee | Ondrej Mosnacek <omosnace> |
| kernel sub component | SELinux | QA Contact | Milos Malik <mmalik> |
| Status | CLOSED ERRATA | Docs Contact | |
| Severity | high | | |
| Priority | high | CC | kernel-qe, mmalik, mthacker, plautrba, wgomerin |
| Version | 7.6 | Keywords | AutoVerified, Regression |
| Target Milestone | rc | | |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | kernel-3.10.0-972.el7 | Doc Type | If docs needed, set a value |
| Doc Text | | Story Points | --- |
| Clone Of | 1600850 | Environment | |
| Last Closed | 2019-08-06 12:08:16 UTC | Type | Bug |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | 1600850 | | |
| Bug Blocks | 1622032 | | |
Description
Paul Moore
2018-08-06 21:44:41 UTC
Cloning the original to BZ so that it can focus on the extended_socket_class test failures and this BZ can focus on the shm/mmap test failures.

Milos, this looks like a duplicate of BZ 1373749, what do you think?

I believe that there were no failures in shm subtests when BZ#1373749 was filed, only mmap subtests were failing. Otherwise they look like duplicates.

True. Okay, I'll leave them as separate BZs, but I'll put a comment in the other linking back to this BZ.

Mystery finally solved! These failures have apparently been introduced with changes in BZ 1458535, which brought in support for the file:map permission to the RHEL 7.6 kernel. The problem is that shmget(2) internally creates a special invisible file (labeled as tmpfs_t), which shmat(2) then tries to map, triggering an SELinux check. Since the permissions for doing shared memory operations are already checked separately, this is a bug that has been already addressed upstream by marking the file with the S_PRIVATE flag and skipping the unnecessary access checks for it. The relevant commits upstream are:

commit 892e8cac99a71f6254f84fc662068d912e1943bf
Author: Stephen Smalley <sds.gov>
Date: Fri Jul 10 09:40:59 2015 -0400

    selinux: fix mprotect PROT_EXEC regression caused by mm change

commit e1832f2923ec92d0e590e496c8890675457f8568
Author: Stephen Smalley <sds.gov>
Date: Thu Aug 6 15:46:55 2015 -0700

    ipc: use private shmem or hugetlbfs inodes for shm segments.

The most important is the second commit, which fixes both failing tests. The first commit's log message doesn't sound related, but it adds skipping also the EXEC_MEM check for S_PRIVATE files, which fixes the last mmap test (which starts failing after applying only the second commit). Note that upstream kernels never hit this problem, because the above two fixes had been applied long before the mmap support was added (v4.2 vs. v4.13).
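As an added illustration (this is not code from the Bugzilla report, the selinux-testsuite, or the kernel), the following C probe exercises the three operations the analysis above turns on: a plain shmat(2), a shmat(2) with SHM_EXEC, and an mprotect(2) to PROT_EXEC on the attached segment. Each of these ends in an mmap or mprotect of the kernel-internal shm file, so on an affected kernel the file-class checks against the tmpfs_t-labelled inode surface as EACCES on exactly these calls, while SysV shm permissions themselves are unaffected. The function names, macro names and result encoding are this example's own; it assumes a Linux system where SysV IPC is available.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/mman.h>
#include <sys/shm.h>
#include <unistd.h>

#ifndef SHM_EXEC
#define SHM_EXEC 0100000 /* value from linux/shm.h; some glibc headers omit it */
#endif

/* Return codes of shm_probe(); this encoding is the example's own. */
#define SHM_PROBE_OK            0   /* attach, SHM_EXEC attach and mprotect all succeeded */
#define SHM_PROBE_NO_SEGMENT   -1   /* shmget() failed here, so nothing was tested */
#define SHM_PROBE_OTHER_ERROR  -2   /* a step failed with an errno other than EACCES */
/* Positive return: bitmask of steps refused with EACCES, the denial signature. */
#define SHM_PROBE_DENY_ATTACH   1   /* shmat(id, NULL, 0)        -> mmap of the internal shm file */
#define SHM_PROBE_DENY_EXEC     2   /* shmat(id, NULL, SHM_EXEC) -> same mmap with PROT_EXEC added */
#define SHM_PROBE_DENY_MPROTECT 4   /* mprotect(PROT_READ|PROT_EXEC) on the attached segment */

struct shm_probe_errnos {
    int shmget, attach, exec, mprotect;  /* 0 where the step succeeded */
};

int shm_probe(struct shm_probe_errnos *e)
{
    struct shm_probe_errnos en = {0, 0, 0, 0};
    size_t len = 2 * (size_t)sysconf(_SC_PAGESIZE);
    int result = 0, other = 0;
    void *rw = NULL, *rx = NULL;

    /* Mode 0700, not 0600: ipcperms() demands the owner execute bit for
     * SHM_EXEC independently of SELinux, so 0600 would mask the LSM check. */
    int id = shmget(IPC_PRIVATE, len, IPC_CREAT | 0700);
    if (id < 0) {
        en.shmget = errno;
        if (e) *e = en;
        return SHM_PROBE_NO_SEGMENT;
    }

    /* Step 1: plain attach, i.e. an internal shared PROT_READ|PROT_WRITE mapping. */
    rw = shmat(id, NULL, 0);
    if (rw == (void *)-1) {
        en.attach = errno;
        if (errno == EACCES) result |= SHM_PROBE_DENY_ATTACH; else other = 1;
        rw = NULL;
    }

    /* Step 2: attach with PROT_EXEC, the executable variant of the same mapping. */
    rx = shmat(id, NULL, SHM_EXEC);
    if (rx == (void *)-1) {
        en.exec = errno;
        if (errno == EACCES) result |= SHM_PROBE_DENY_EXEC; else other = 1;
        rx = NULL;
    }

    /* Step 3: make the existing attachment executable. The mprotect hook sees the
     * segment's backing file through the VMA, so it is checked like a file mapping. */
    if (rw && mprotect(rw, len, PROT_READ | PROT_EXEC) != 0) {
        en.mprotect = errno;
        if (errno == EACCES) result |= SHM_PROBE_DENY_MPROTECT; else other = 1;
    }

    if (rw) shmdt(rw);
    if (rx) shmdt(rx);
    shmctl(id, IPC_RMID, NULL);  /* remove the segment so the probe leaves nothing behind */
    if (e) *e = en;
    return other ? SHM_PROBE_OTHER_ERROR : result;
}

/* Render a shm_probe() result as a one-line verdict into buf and return buf. */
const char *shm_probe_describe(int code, char *buf, size_t n)
{
    if (code == SHM_PROBE_OK)
        snprintf(buf, n, "ok: no denial on shm attach/exec/mprotect");
    else if (code == SHM_PROBE_NO_SEGMENT)
        snprintf(buf, n, "untested: shmget() unavailable");
    else if (code == SHM_PROBE_OTHER_ERROR)
        snprintf(buf, n, "error: non-EACCES failure");
    else
        snprintf(buf, n, "EACCES on:%s%s%s",
                 (code & SHM_PROBE_DENY_ATTACH)   ? " shmat" : "",
                 (code & SHM_PROBE_DENY_EXEC)     ? " shmat(SHM_EXEC)" : "",
                 (code & SHM_PROBE_DENY_MPROTECT) ? " mprotect(PROT_EXEC)" : "");
    return buf;
}

int main(void)
{
    struct shm_probe_errnos e;
    char buf[128];
    int code = shm_probe(&e);

    printf("%s\n", shm_probe_describe(code, buf, sizeof buf));
    if (e.shmget)   printf("  shmget:   %s\n", strerror(e.shmget));
    if (e.attach)   printf("  shmat:    %s\n", strerror(e.attach));
    if (e.exec)     printf("  SHM_EXEC: %s\n", strerror(e.exec));
    if (e.mprotect) printf("  mprotect: %s\n", strerror(e.mprotect));
    return code > 0 ? 1 : 0;
}
```

Build with `gcc -Wall shm_probe.c -o shm_probe` and run it from the domain under test (a plain unconfined shell will normally pass everywhere, since unconfined domains hold the file permissions that the regression wrongly demanded). A positive exit status identifies which of the three calls was refused; with auditing enabled the matching AVC record names the internal inode's tmpfs_t label, which is the tell-tale of this bug rather than of a genuine shm permission problem.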
Patch(es) committed on kernel-3.10.0-972.el7

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:2029