| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Dec 2012 15:15:57 -0500 From: Eric Paris <eparis@...isplace.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>, "Kasatkin, Dmitry" <dmitry.kasatkin@...el.com>, Al Viro <viro@...iv.linux.org.uk>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, LSM List <linux-security-module@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, James Morris <jmorris@...ei.org> Subject: Re: [PATCH 0/2] ima: policy search speedup On Tue, Dec 11, 2012 at 3:05 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote: > The "IS_PRIVATE()" thing is more a "if you know a-priori that you > aren't interested in pseudo-filesystems, you can already check that > bit, because it will be set for things like /proc and shmem mappings > and pipes etc". I know it isn't relevant to the final solution, but this is simply wrong. IS_PRIVATE() means 'this inode is filesystem internal.' It is not used by anything except rieser and the anon_inode. If it is used by psuedo filesystems in general, like /proc, shmem mappings, and pipes that is a huge bug and is absolutely wrong. You are correct IS_PRIVATE is sufficient to know you don't need to do any IMA stuff with that inode, but it is used in damn few places and better remain that way.... -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists