lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20111207163253.GD2203@ZenIV.linux.org.uk>
Date:	Wed, 7 Dec 2011 16:32:53 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Cc:	john.johansen@...onical.com, linux-kernel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, torvalds@...ux-foundation.org
Subject: Re: [git pull] apparmor fix for __d_path() misuse

On Wed, Dec 07, 2011 at 05:59:49PM +0900, Tetsuo Handa wrote:
> Al Viro wrote:
> > BTW, what your current code does if you have a file bound on another
> > file, open it, umount -l it, let the dust settle and then do some operation
> > that triggers tomoyo_get_absolute_path() on it?  Because you'll be getting
> > a vfsmount/dentry pair that has
> > 	* dentry == vfsmount->mnt_root
> > 	* vfsmount->mnt_parent == vfsmount
> > 	* dentry->d_inode being a non-directory
> > and there is nothing whatsoever in what remains of the pathname.  Not a single
> > component.  IOW, you'll get "/" in buf.  Might be good in a testsuite - is
> > there any code in security/tomoyo that would be relying on assumption that
> > only directory might have a name entirely without components?
> 
> TOMOYO assumes that only directory ends with '/'.

Then it's broken in the current mainline (and had been for as long as it
had been using __d_path()).  Because that's all you'll get from it
for such vfsmount/dentry pair...

> Among above three results, the last one will be the best.

OK, I'm fine with your patch; for bisectability sake it ought to go before
mine, with mine on top of it.

How will we do that?  Should I put it into vfs.git#for-linus before __d_path()
patch and ask Linus to pull that?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ