lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160527192605.GQ14480@ZenIV.linux.org.uk>
Date:	Fri, 27 May 2016 20:26:05 +0100
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Seung-Woo Kim <sw0312.kim@...sung.com>,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	jh80.chung@...gmsung.com, Chanwoo Choi <cw00.choi@...sung.com>,
	Casey Schaufler <casey@...aufler-ca.com>
Subject: Re: [BUG] Panic when systemd boot do mkdir on tmpfs mounted path
 with smack enabled environment

On Fri, May 27, 2016 at 12:01:05PM -0700, Linus Torvalds wrote:

> Al, if you want Casey to help test, I think you should write out the
> full git repository address, rather than just say "See
> vfs.git#smack-fix".
> 
> Anybody who isn't used to pulling for you will just wonder where you
> keep your tree. And even I, who _am_ used to pulling from you, would
> have to look it up, so it's a lot more convenient if you actually
> write out the whole thing,

Point taken.

> Casey, Al is talking about
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs smack-fix
> 
> and Al, please make your commit messages more informative than just
> "switch ->setxattr() to passing dentry and inode separately". You can
> see that from the patch. Please add a _why_ something is done, not
> just what it does.

Umm...  Would something along the lines of

switch ->setxattr() to passing inode and dentry separately

smack ->d_instantiate() uses ->setxattr(), so to be able to call it before
we'd hashed the new dentry and attached it to inode, we ->setxattr() instances
get the inode as an explicit argument rather than obtaining it from dentry.
Similar change for ->getxattr() had been done commit ce23e64.  Unlike
->getxattr() (which is used both by selinux and smack instances of
->d_instantiate()) ->setxattr() is used only by smack one and unfortunately
it had been missed back then.

be detailed enough for the second one with

switch xattr_handler->set() to passing inode and dentry separately

preparation for similar switch in ->setxattr() (see the next commit for
rationale)

for the first one?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ