lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080115211656.GA10644@sergelap.austin.ibm.com>
Date:	Tue, 15 Jan 2008 15:16:56 -0600
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	Kentaro Takeda <takedakn@...data.co.jp>
Cc:	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Subject: Re: [TOMOYO #6 retry 02/21] Add struct vfsmount to struct
	task_struct.

I must say I personally prefer the apparmor approach.  But I'd recommend
you get together and get this piece pushed on its own, whichever version
you can agree on.  Yes it needs a user, but at this point I would think
both tomoyo and apparmor have had enough visibility that everyone knows
the intended users.

It seems to me you're both being held up by this piece, and getting
another full posting of either tomoyo or apparmor isn't going to help,
so hopefully you can combine your efforts to get this solved.

thanks,
-serge

Quoting Kentaro Takeda (takedakn@...data.co.jp):
> This patch allows VFS wrapper functions associate "struct vfsmount"
> with "struct task_struct" so that LSM hooks can calculate
> pathname of given "struct dentry".
> 
> Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
> ---
>  include/linux/init_task.h |    1 +
>  include/linux/sched.h     |    2 ++
>  2 files changed, 3 insertions(+)
> 
> --- linux-2.6-mm.orig/include/linux/init_task.h
> +++ linux-2.6-mm/include/linux/init_task.h
> @@ -187,6 +187,7 @@ extern struct group_info init_groups;
>  	.dirties = INIT_PROP_LOCAL_SINGLE(dirties),			\
>  	INIT_TRACE_IRQFLAGS						\
>  	INIT_LOCKDEP							\
> +	.last_vfsmount  = NULL,                                         \
>  }
> 
> 
> --- linux-2.6-mm.orig/include/linux/sched.h
> +++ linux-2.6-mm/include/linux/sched.h
> @@ -1238,6 +1238,8 @@ struct task_struct {
>  	int make_it_fail;
>  #endif
>  	struct prop_local_single dirties;
> +	/* vfsmount info for LSM hooks. */
> +	struct vfsmount *last_vfsmount;
>  };
> 
>  /*
> 
> -- 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ