lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 5 May 2008 10:22:37 -0700
From:	"Paul Menage" <menage@...gle.com>
To:	"Miklos Szeredi" <miklos@...redi.hu>
Cc:	akpm@...ux-foundation.org, hch@...radead.org,
	viro@...iv.linux.org.uk, linux-kernel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org
Subject: Re: [patch 03/15] cgroup: dont call vfs_mkdir

On Mon, May 5, 2008 at 2:54 AM, Miklos Szeredi <miklos@...redi.hu> wrote:
> From: Miklos Szeredi <mszeredi@...e.cz>
>
>  cgroup_clone() calls vfs_mkdir() to create a directory in the cgroup
>  filesystem.  Replace with explicit call to cgroup_mkdir() and
>  fsnotify_mkdir().
>
>  This is equivalent, except that the following functions are not called
>  before cgroup_mkdir():
>
>   - may_create()
>   - security_inode_mkdir()
>   - DQUOT_INIT()
>
>  Permission to clone the cgroup has already been checked in
>  copy_namespaces() (requiring CAP_SYS_ADMIN).  Additional file system
>  related capability checks are inappropriate and confusing.
>
>  The quota check is unnecessary, as quotas don't make any sense for
>  this filesystem.
>
>  Signed-off-by: Miklos Szeredi <mszeredi@...e.cz>
>  CC: Paul Menage <menage@...gle.com>

This looks like it behaves correctly, but I don't really have any view
on whether the change is the right thing to do - I'll leave that to
the VFS gurus. FWIW, I'd regard cgroup_clone() as being outside the
filesystem rather than inside. It does have some knowledge of the
cgroupfs internals, but it tries to leave as much as possible up to
the real filesystem code.

Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ