| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202005052024.2D7626C742@keescook>
Date: Tue, 5 May 2020 20:28:33 -0700
From: Kees Cook <keescook@...omium.org>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] securityfs: Add missing d_delete() call on removal
On Wed, May 06, 2020 at 02:14:31AM +0100, Al Viro wrote:
> On Tue, May 05, 2020 at 04:40:35PM -0700, Kees Cook wrote:
> > After using simple_unlink(), a call to d_delete() is needed in addition
> > to dput().
> >
> > Signed-off-by: Kees Cook <keescook@...omium.org>
> > ---
> > Is this correct? I went looking around and there are a lot of variations
> > on the simple_unlink() pattern...
> >
> > Many using explicit locking and combinations of d_drop(), __d_drop(), etc.
>
> Quite a few of those should switch to simple_recursive_removal(). As for
> securityfs... d_drop() is _probably_ a saner variant, but looking at the
> callers of that thing... at least IMA ones seem to be garbage.
Hmm, I dunno. I hadn't looked at these yet. I'm not sure what's needed
for those cases.
Is my patch to add d_delete() correct, though? I'm trying to construct
the right set of calls for pstore's filesystem, and I noticed that most
will do simple_unlink(), d_delete(), dput(), but securityfs seemed to be
missing it.
--
Kees Cook
Powered by blists - more mailing lists