On Thu, 2008-09-25 at 09:13 -0400, Eric Paris wrote:
On Thu, 2008-09-25 at 14:15 +1000, James Morris wrote:
> On Wed, 24 Sep 2008, Francis K Shim wrote:
>
> >
> > I could disable SELinux and I would not have this problem; however, I
> > was hoping that there was a much secure or safer work-around to this
> > problem.
>
> The video driver is inherently dangerous, so the safe approach is not to
> use it.
James isn't exactly being helpful, but the reason is because as you
guessed the problem lies squarely and obviously with AMD/ATI and there
isn't much we can do to help with closed source proprietary software.
AMD/ATI is obviously doing it wrong and when it comes to security doing
it wrong is never a good idea. Sadly we don't have their source so I
can't show you the line of code (or do anything to fix it), but your
backtrace should make it pretty obvious if anyone inside ATI decides to
care.
Stephen James, what do the two of you think about something like this?
Maybe a WARN_ONCE() ?
security/selinux/hooks.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 03fc6a8..14f1242 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1385,7 +1385,8 @@ static int task_has_capability(struct task_struct *tsk,
default:
printk(KERN_ERR
"SELinux: out of range capability %d\n", cap);
- BUG();
+ WARN();
+ return -EPERM;
}
return avc_has_perm(tsec->sid, tsec->sid, sclass, av, &ad);
}
I'm not opposed to changing it to an error return, although I'm not
clear that will help.
Does anyone know what the driver is actually trying to do here? The
message said:
SELinux: out of range capability -157851600
and -157851600 == 0xf6976030
Obviously that isn't what they meant to pass to capable().
--
Stephen Smalley
National Security Agency