| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 May 2020 05:02:52 +0100
From: Al Viro <viro@...iv.linux.org.uk>
To: Kees Cook <keescook@...omium.org>
Cc: James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] securityfs: Add missing d_delete() call on removal
On Tue, May 05, 2020 at 08:28:33PM -0700, Kees Cook wrote:
> On Wed, May 06, 2020 at 02:14:31AM +0100, Al Viro wrote:
> > On Tue, May 05, 2020 at 04:40:35PM -0700, Kees Cook wrote:
> > > After using simple_unlink(), a call to d_delete() is needed in addition
> > > to dput().
> > >
> > > Signed-off-by: Kees Cook <keescook@...omium.org>
> > > ---
> > > Is this correct? I went looking around and there are a lot of variations
> > > on the simple_unlink() pattern...
> > >
> > > Many using explicit locking and combinations of d_drop(), __d_drop(), etc.
> >
> > Quite a few of those should switch to simple_recursive_removal(). As for
> > securityfs... d_drop() is _probably_ a saner variant, but looking at the
> > callers of that thing... at least IMA ones seem to be garbage.
>
> Hmm, I dunno. I hadn't looked at these yet. I'm not sure what's needed
> for those cases.
>
> Is my patch to add d_delete() correct, though? I'm trying to construct
> the right set of calls for pstore's filesystem, and I noticed that most
> will do simple_unlink(), d_delete(), dput(), but securityfs seemed to be
> missing it.
d_drop(). d_delete() is for the situations when you want the sucker
to become a hashed negative, if at all possible.
Re pstore: context, please.
Powered by blists - more mailing lists