| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <208C9D5E-E63B-4A89-BC91-E163CF52AD03@vt.edu>
Date: Tue, 25 Sep 2018 20:47:54 -0400
From: TongZhang <ztong@...edu>
To: james.morris@...rosoft.com, Paul Moore <paul@...l-moore.com>,
ebiederm@...ssion.com, casey@...aufler-ca.com, sargun@...gun.me,
fengc@...gle.com, mjg59@...gle.com,
Stephen Smalley <sds@...ho.nsa.gov>,
richard_c_haines@...nternet.com
Cc: LKML <linux-kernel@...r.kernel.org>,
linux-security-module@...r.kernel.org,
Wenbo Shen <shenwenbosmile@...il.com>
Subject: Naming confusion and code comments for
security_kernel_(post_)read_file
When we were doing code review, we found and feel that the current name and
description of security_kernel_read_file and security_kernel_post_read_file,
and corresponding document/code comment in include/linux/lsm_hooks.h is
confusing and kind of misleading as we discovered that security_kernel_(post_)read_file and kernel_read() do not always in appear in pair.
security_kerne(post_)read_file is only interested in checking firmware/kernel module/policy file etc, however, kernel_read() are used in other places in which the parameters are also specified by userspace. For example, kernel_read() is used in https://elixir.bootlin.com/linux/latest/source/arch/x86/ia32/ia32_aout.c#L413
We suggest that it might be better to fixing the code comment as well as
the function naming and it may help clarify the purpose of this LSM hook function.
- Tong
Powered by blists - more mailing lists