| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20091029133306.0cb87521.sfr@canb.auug.org.au>
Date: Thu, 29 Oct 2009 13:33:06 +1100
From: Stephen Rothwell <sfr@...b.auug.org.au>
To: "Serge E. Hallyn" <serue@...ibm.com>
Cc: lkml <linux-kernel@...r.kernel.org>,
"Andrew G. Morgan" <morgan@...nel.org>,
Michael Kerrisk <mtk.manpages@...il.com>,
Ulrich Drepper <drepper@...hat.com>, linux-api@...r.kernel.org,
James Morris <jmorris@...ei.org>
Subject: Re: [PATCH resend] define convenient securebits masks for prctl
users
Hi Serge,
On Wed, 28 Oct 2009 09:02:36 -0500 "Serge E. Hallyn" <serue@...ibm.com> wrote:
>
> [ Are there any objections to exporting securebits.h? If not,
> can this patch be pushed to linux-next? ]
I am not sure which tree this belongs in? Maybe security-testing (James
cc'd)?
> diff --git a/include/linux/securebits.h b/include/linux/securebits.h
> index d2c5ed8..9ad109e 100644
> --- a/include/linux/securebits.h
> +++ b/include/linux/securebits.h
> @@ -1,6 +1,13 @@
> #ifndef _LINUX_SECUREBITS_H
> #define _LINUX_SECUREBITS_H 1
>
> +/* Each securesetting is implemented using two bits. One bit specifies
> + whether the setting is on or off. The other bit specify whether the
> + setting is locked or not. A setting which is locked cannot be
> + changed from user-level. */
> +#define issecure_mask(X) (1 << (X))
> +#define issecure(X) (issecure_mask(X) & current_cred_xxx(securebits))
You want this second define protected by ifdef __KERNEL__ ...
--
Cheers,
Stephen Rothwell sfr@...b.auug.org.au
http://www.canb.auug.org.au/~sfr/
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists