lists.openwall.net | Open Source and information security mailing list archives
Date: Tue, 2 Sep 2008 09:06:01 +0400
From: Alexey Dobriyan <adobriyan@...il.com>
To: Kentaro Takeda <takedakn@...data.co.jp>
Cc: viro@...IV.linux.org.uk, linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, miklos@...redi.hu, hch@...radead.org, akpm@...ux-foundation.org, Toshiharu Harada <haradats@...data.co.jp>
Subject: Re: (repost) Confirmation of methods for calculating requested pathname.

On Tue, Sep 02, 2008 at 01:31:50PM +0900, Kentaro Takeda wrote:
> Al, could you answer the following question?
>
>
> The current Linux kernel is not designed to pass the vfsmount parameter,
> which is crucial for pathname-based security including AppArmor and
> TOMOYO Linux, to LSM. Though both projects have been proposing
> patches to calculate the pathname, none of them has been accepted, as
> you know.
>
> To find the reason for the NACK, we examined past proposals and the
> threads. And we came to understand that you oppose accessing vfsmount
> inside vfs helper functions. Is our understanding correct?
>
> If our understanding is correct, we would like to propose a new
> method that does not require modifications to vfs helper functions.
> The attached patch is a trial of this method.
>
> vfs helper functions are surrounded by mnt_want_write() and
> mnt_drop_write() pairs, which receive a "struct vfsmount" parameter
> since 2.6.26. So, by remembering the absolute pathname of the "struct
> vfsmount" of the moment, an LSM module can calculate an absolute
> pathname of the given "struct dentry" parameter inside vfs_*
> functions, without passing a "struct vfsmount" parameter to vfs_*
> functions.
>
> This approach doesn't access vfsmount inside vfs helper functions,
> and the modification to the existing kernel is only in task_struct and
> mnt_want/drop_write().

I don't know what Al Viro will say, but this is incredibly ugly.
Even uglier than the previous patches.
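The scheme Kentaro describes (stash the vfsmount handed to mnt_want_write() in the task, then let an LSM hook inside a vfs_* helper combine it with the dentry it is given) can be modelled in user space. The block below is an added illustration written for this page; it is neither the posted patch nor kernel code. The struct names mirror the kernel's but every structure is a simplified stand-in, the tree, the root mount and the "/jail" bind mount are a constructed sample namespace, and do_unlink_model() is a hypothetical caller standing in for the real do_unlinkat() path. It shows the security-relevant point behind the thread: one dentry reachable through two mounts has two absolute pathnames, so a dentry alone cannot drive a pathname-based policy, and a caller that skips the mnt_want_write()/mnt_drop_write() bracket leaves the hook with no mount to resolve against.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* model only: a dentry knows its name and parent, nothing about mounts */
struct dentry {
    const char *d_name;
    struct dentry *d_parent;    /* NULL for the root of a filesystem */
};

/* model only: where one instance of a filesystem is attached */
struct vfsmount {
    struct dentry *mnt_root;
    const char *mnt_mountpoint; /* "" for the root mount, "/jail", ... */
};

/* the single field the proposal adds to task_struct (model) */
struct task_struct {
    struct vfsmount *lsm_mnt;
};

static struct task_struct current_task;   /* stands in for `current` */

/* Callers bracket vfs_* helpers with this pair (2.6.26 gave them a
 * struct vfsmount *); the model additionally stashes the mount so the
 * LSM hook can find it without a new vfs_* parameter. */
static int mnt_want_write(struct vfsmount *mnt)
{
    current_task.lsm_mnt = mnt;
    return 0;
}

static void mnt_drop_write(struct vfsmount *mnt)
{
    (void)mnt;
    current_task.lsm_mnt = NULL;
}

/* Path of d relative to its filesystem root, e.g. "/etc/passwd". */
static int dentry_path(const struct dentry *d, char *buf, size_t len)
{
    if (!d->d_parent) {
        if (len == 0)
            return -1;
        buf[0] = '\0';
        return 0;
    }
    if (dentry_path(d->d_parent, buf, len))
        return -1;
    size_t used = strlen(buf);
    int n = snprintf(buf + used, len - used, "/%s", d->d_name);
    return (n < 0 || (size_t)n >= len - used) ? -1 : 0;
}

/* What the LSM hook inside a vfs_* helper does in this model: combine
 * the dentry with the mount remembered in the task. Fails when nothing
 * was stashed, because a dentry by itself does not name one path. */
static int lsm_absolute_path(const struct dentry *d, char *buf, size_t len)
{
    const struct vfsmount *mnt = current_task.lsm_mnt;
    char rel[256];
    if (!mnt || dentry_path(d, rel, sizeof rel))
        return -1;
    int n = snprintf(buf, len, "%s%s", mnt->mnt_mountpoint, rel);
    if (n < 0 || (size_t)n >= len)
        return -1;
    if (n == 0)                 /* root dentry of the root mount */
        snprintf(buf, len, "/");
    return 0;
}

/* model of vfs_unlink(): note it receives no vfsmount at all */
static int vfs_unlink(struct dentry *d, char *seen, size_t len)
{
    return lsm_absolute_path(d, seen, len) ? -1 : 0;   /* -1 ~ EPERM */
}

/* hypothetical caller; mnt == NULL models one that skipped the bracket.
 * Returns the path the LSM resolved, or NULL if it could not. */
static const char *do_unlink_model(struct vfsmount *mnt, struct dentry *d)
{
    static char seen[256];
    if (mnt && mnt_want_write(mnt))
        return NULL;
    int ret = vfs_unlink(d, seen, sizeof seen);
    if (mnt)
        mnt_drop_write(mnt);
    return ret ? NULL : seen;
}

/* constructed sample namespace: one tree, mounted at "/" and bind-mounted
 * at "/jail", so d_passwd is reachable under two absolute pathnames */
static struct dentry d_root   = { "", NULL };
static struct dentry d_etc    = { "etc", &d_root };
static struct dentry d_passwd = { "passwd", &d_etc };
static struct vfsmount mnt_rootfs = { &d_root, "" };
static struct vfsmount mnt_jail   = { &d_root, "/jail" };

int main(void)
{
    const char *p;
    p = do_unlink_model(&mnt_rootfs, &d_passwd);
    printf("root mount : %s\n", p ? p : "(unresolvable)");
    p = do_unlink_model(&mnt_jail, &d_passwd);
    printf("bind mount : %s\n", p ? p : "(unresolvable)");
    p = do_unlink_model(NULL, &d_passwd);
    printf("no bracket : %s\n", p ? p : "(unresolvable)");
    return 0;
}
```

Two properties of the model are worth noticing when reading the thread. The hook's answer depends entirely on which mount the caller stashed, so the same dentry resolves to "/etc/passwd" or "/jail/etc/passwd" according to the route the syscall took, which is exactly the information a dentry-only hook lacks. And because the stash is one slot per task, the approach is only as reliable as the discipline of every caller bracketing every vfs_* call correctly; in this model a caller that omits the bracket simply gets a denial rather than a wrong path.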