lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jul 2008 09:56:50 +1000 (EST) From: James Morris <jmorris@...ei.org> To: Mimi Zohar <zohar@...ux.vnet.ibm.com> cc: linux-kernel@...r.kernel.org, akpm@...ux-foundation.org, safford@...son.ibm.com, serue@...ux.vnet.ibm.com, sailer@...son.ibm.com, zohar@...ibm.com, debora@...ux.vnet.ibm.com, srajiv@...ux.vnet.ibm.com Subject: Re: [Patch 5/5]integrity: IMA as an integrity service provider On Wed, 16 Jul 2008, Mimi Zohar wrote: > +static ssize_t ima_show_htable_value(char __user *buf, size_t count, > + loff_t *ppos, atomic_t *val) > +{ > + char tmpbuf[TMPBUFLEN]; > + ssize_t len; > + > + len = scnprintf(tmpbuf, TMPBUFLEN, "%i\n", atomic_read(val)); > + return simple_read_from_buffer(buf, count, ppos, tmpbuf, len); > +} > + > +static ssize_t ima_show_htable_violations(struct file *filp, > + char __user *buf, > + size_t count, loff_t *ppos) > +{ > + return ima_show_htable_value(buf, count, ppos, &ima_htable.violations); > +} ima_htable.violations is an atomic_long_t and is not safe to pass to ima_show_htable_value. Did you check for compilation warnings? > +void ima_add_violation(struct inode *inode, const unsigned char *fname, > + char *op, char *cause) > +{ > + int result; > + > + /* can overflow, only indicator */ > + atomic_inc(&ima_htable.violations); This also generates a warning. You probably want atomic_long_inc(). - James -- James Morris <jmorris@...ei.org> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists