lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8450.1525184950@warthog.procyon.org.uk>
Date:   Tue, 01 May 2018 15:29:10 +0100
From:   David Howells <dhowells@...hat.com>
To:     Randy Dunlap <rdunlap@...radead.org>
Cc:     dhowells@...hat.com, viro@...iv.linux.org.uk,
        linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-security-module@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, linux-afs@...ts.infradead.org
Subject: Re: [PATCH 03/24] VFS: Introduce the structs and doc for a filesystem context [ver #7]

Randy Dunlap <rdunlap@...radead.org> wrote:

> > + (2) Parse the options and attach them to the context.  Options may be passed
> > +     individually from userspace.
> 
> Does this say that step (2) can be multiple small steps?

Perhaps "phase (2)" would be a better name than "step (2)".  During (2),
multiple argument-supplying calls may be made.

> How does step (2) know when userspace has completed sending individual
> options?

Moving to phase (3) terminates phase (2).  This is triggered by userspace
writing "x create" or "x reconfigure" to the fd as things stand.

> > + (6) Return an error message attached to the context.
> 
> where/how is this done?

That got taken out and made general - which Linus then objected to.  I need to
reinsert this and make it fscontext-specific as most people would really like
to have it, the mount process being able to produce so many weird and
wonderful errors.

> > +When the VFS creates this, it allocates ->fs_context_size bytes (as specified
> > +by the file_system_type object) to hold both the fs_context struct and any
> > +extra data required by the filesystem.  The fs_context struct is placed at the
> > +beginning of this space.  Any extra space beyond that is for use by the
> > +filesystem.  The filesystem should wrap the struct in its own, e.g.:
> 
>                                                       in its own struct, e.g.:

How about "... The filesystem should wrap the struct in one of its own, e.g."?

> > + (*) int security_fs_context_parse_option(struct fs_context *fc, char *opt);	
> > +
> > +     Called for each mount option.  The arguments are as for the
> > +     ->parse_option() method.  An active LSM may reject one with an error, pass
> > +     one over and return 0 or consume one and return 1.  If consumed, the
> 
> What does "pass one over" mean?

How about:

	An active LSM may return 0 to pass the option on to the filesystem, 1
	to cause the option to be discarded or an error to cause the option to
	be rejected.

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ