lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <201704301111.CFC52113.LFVFQJtFOOMHOS@I-love.SAKURA.ne.jp>
Date:   Sun, 30 Apr 2017 11:11:41 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     casey@...aufler-ca.com, mic@...ikod.net,
        linux-kernel@...r.kernel.org
Cc:     james.l.morris@...cle.com, keescook@...omium.org, serge@...lyn.com,
        linux-security-module@...r.kernel.org
Subject: Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM

Casey Schaufler wrote:
> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
> > Check if the registering LSM already registered hooks just before. This
> > enable to split hook declarations into multiple files without
> > registering multiple time the same LSM name, starting from commit
> > d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
> 
> What's special about the previous registration? Keep it
> simple and check it the name is already anywhere on the
> list and only add it if it's not already there. I don't
> see advantage to:
> 
> 	% cat /sys/kernel/security/lsm
> 	capability,yama,spiffy,selinux,spiffy
> 
> over
> 	% cat /sys/kernel/security/lsm
> 	capability,yama,spiffy,selinux
> 

-	if (lsm_append(lsm, &lsm_names) < 0)
+	if (lsm && lsm_append(lsm, &lsm_names) < 0)

in security_add_hooks()?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ