| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+55aFzwqafHa6ARO-zkCDaHZozZDDvETBMmbnvNsnu1L9v2=w@mail.gmail.com>
Date: Wed, 31 Dec 2014 13:23:14 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Paul Moore <paul@...l-moore.com>, Al Viro <viro@...iv.linux.org.uk>
Cc: linux-audit@...hat.com,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] Audit fixes for 3.19 #2
On Wed, Dec 31, 2014 at 12:33 PM, Paul Moore <paul@...l-moore.com> wrote:
>
> One audit patch to resolve a panic/oops when recording filenames in the audit
> log, see the mail archive link below. The fix isn't as nice as I would like,
> as it involves an allocate/copy of the filename, but it solves the problem and
> the overhead should only affect users who have configured audit rules
> involving file names.
This fix looks wrong.
The kernel "getname()" function already has hacks explicitly for this
audit usage. Why aren't those hacks working? See the whole
"audit_getname()" and "audit_putname()" thing in fs/namei.c.
So why does audit now need to copy the name *again*, when the whole -
and only - point of the current fs/namei.c audit hackery is exactly so
that audit can control the lifetime of the pathnames?
Hmm? Alternatively, could we just remove the fs/namei.c hackery
entirely, and rely on audit always copying the filenames for its own
use?
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists