[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110603022100.GA561@dastard>
Date: Fri, 3 Jun 2011 12:21:00 +1000
From: Dave Chinner <david@...morbit.com>
To: Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc: linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
James Morris <jmorris@...ei.org>,
David Safford <safford@...son.ibm.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Greg KH <greg@...ah.com>,
Dmitry Kasatkin <dmitry.s.kasatkin@...il.com>,
Mimi Zohar <zohar@...ibm.com>
Subject: Re: [PATCH v6 08/20] evm: evm_inode_post_init
On Thu, Jun 02, 2011 at 08:23:31AM -0400, Mimi Zohar wrote:
> Initialize 'security.evm' for new files. Reduce number of arguments
> by defining 'struct xattr'.
why does this need a new security callout from every filesystem?
Once the security xattr is initialised, the name, len and value is
not going to change so surely the evm xattr can be initialised at
the same time the lsm xattr is initialised.
Then all you need to do in each filesystem is add the evm_xattr
structure to the existing security init call and a:
#ifdef CONFIG_EVM
/* set evm.xattr */
#endif
to avoid adding code that is never executed when EVM is not
configured into the kernel.
That way you don't create the lsm_xattr at all if the evm_xattr is
not created, and then the file creation should fail in an atomic
manner, right? i.e. you don't leave files with unverified security
attributes around when interesting failure corner cases occur (e.g.
ENOSPC).
And while you are there, it's probably also be a good idea to add
support for all filesystems that support xattrs, not just a random
subset of them...
Cheers,
Dave.
--
Dave Chinner
david@...morbit.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists