Message-ID: <20100123230735.GW19799@ZenIV.linux.org.uk>
Date: Sat, 23 Jan 2010 23:07:35 +0000
From: Al Viro <viro@...IV.linux.org.uk>
To: Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc: linux-kernel@...r.kernel.org, Eric Paris <eparis@...hat.com>,
Hugh Dickins <hugh.dickins@...cali.co.uk>,
James Morris <jmorris@...ei.org>,
David Safford <safford@...son.ibm.com>,
"Serge E. Hallyn" <serue@...ux.vnet.ibm.com>,
Mimi Zohar <zohar@...ibm.com>
Subject: Re: [RFC PATCH 1/2] Fix 1 untangling ima mess, part 2 with counters
On Wed, Jan 20, 2010 at 03:35:40PM -0500, Mimi Zohar wrote:
> The "Untangling ima mess, part 2 with counters" patch messed
> up the counters. Based on conversations with Al Viro, this patch
> streamlines ima_path_check() by removing the counter maintenance.
> The counters are now updated independently, from measuring the file,
> in __dentry_open() and alloc_file() by calling ima_counts_get().
> ima_path_check() is called from nfsd and do_filp_open().
>
> Signed-off-by: Mimi Zohar <zohar@...ibm.com>
> ---
> fs/namei.c | 4 +-
> include/linux/ima.h | 4 +-
> security/integrity/ima/ima_main.c | 234 ++++++++++++++-----------------------

Um...
a) where's the nfsd part?
b) will that work if we open file with O_WRONLY?

nfsd side of things is non-trivial. Note that you have that thing called
an awful lot; nfsd_permission() is called by fh_verify(). For which
operations do you really want it to happen? Should it just migrate to
nfsd_open()?