| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LRH.2.21.1709150659010.9137@namei.org>
Date: Fri, 15 Sep 2017 07:00:10 +1000 (AEST)
From: James Morris <jmorris@...ei.org>
To: Christoph Hellwig <hch@...radead.org>
cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>,
linux-security-module@...r.kernel.org,
Christoph Hellwig <hch@....de>,
linux-ima-devel@...ts.sourceforge.net,
Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/2] integrity: replace call to integrity_read_file with
kernel version
On Thu, 14 Sep 2017, Christoph Hellwig wrote:
> On Fri, Sep 15, 2017 at 06:21:28AM +1000, James Morris wrote:
> > So, to be clear, this patch solves the XFS deadlock using a different
> > approach (to the now reverted integrity_read approach), which Christoph
> > also says is more correct generally. Correct?
>
> No. It is in addition to the previous patches - the patches were
> correct for the IMA interaction with the I/O path. It just turns
> out that the function was also reused for reading certificates
> at initialization time, for which that change was incorrect.
>
> If this series is applied first the integrity_read code is not
> used for that path any more.
Ok, Mimi, please post a complete patchset for this issue against my -next
branch.
--
James Morris
<jmorris@...ei.org>
Powered by blists - more mailing lists