| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <18674.1399651287@jrobl> Date: Sat, 10 May 2014 01:01:27 +0900 From: "J. R. Okajima" <hooanon05g@...il.com> To: Mimi Zohar <zohar@...ux.vnet.ibm.com> Cc: Dmitry Kasatkin <d.kasatkin@...sung.com>, viro@...iv.linux.org.uk, ebiederm@...ssion.com, linux-security-module@...r.kernel.org, eparis@...hat.com, dmitry.kasatkin@...il.com, linux-kernel@...r.kernel.org Subject: Re: IMA + O_DIRECT (Re: [PATCH 0/1] fix IMA + Apparmor kernel panic) Mimi Zohar: > Another approach was posted here > http://marc.info/?l=linux-security-module&m=138919062430367&w=2 which > also was not upstreamed. It might be better a little than previous one which handles the flag temporarily. But, in order to make the code cleaner particulary for do_blockdev_direct_IO(), I'd suggest - make two new static inline functions like r = ima_aware_file_inode_mutex_lock(file) and ..._unlock(r, file). - these new functions are complied when CONFIG_IMA is enabled, otherwise they are plain mutex_lock/unlock(). - then do_blockdev_direct_IO() can call them blindly. - of course, O_DIRECT_HAVELOCK should be complied only when CONFIG_IMA is enabled too. I can guess that several people thinks that is still "ugly locking", but the deadlock is much ugly in real world. And we need some workaround for it. J. R. Okajima -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists