lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 May 2020 13:13:35 +0000 From: Luis Chamberlain <mcgrof@...nel.org> To: Al Viro <viro@...iv.linux.org.uk>, keescook@...omium.org, Scott Branden <scott.branden@...adcom.com>, Mimi Zohar <zohar@...ux.vnet.ibm.com>, linux-security-module@...r.kernel.org, jmorris@...ei.org, serge@...lyn.com, ast@...nel.org, daniel@...earbox.net, kafai@...com, songliubraving@...com, yhs@...com, andriin@...com, john.fastabend@...il.com, kpsingh@...omium.org Cc: Shuah Khan <skhan@...uxfoundation.org>, axboe@...nel.dk, zohar@...ux.vnet.ibm.com, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 2/2] fs: avoid fdput() after failed fdget() in kernel_read_file_from_fd() On Wed, May 13, 2020 at 06:49:50AM +0100, Al Viro wrote: > On Tue, May 12, 2020 at 01:43:05PM -0600, Shuah Khan wrote: > > diff --git a/fs/exec.c b/fs/exec.c > > index 06b4c550af5d..ea24bdce939d 100644 > > --- a/fs/exec.c > > +++ b/fs/exec.c > > @@ -1021,8 +1021,8 @@ int kernel_read_file_from_fd(int fd, void **buf, loff_t *size, loff_t max_size, > > goto out; > > > > ret = kernel_read_file(f.file, buf, size, max_size, id); > > -out: > > fdput(f); > > +out: > > return ret; > > Incidentally, why is that thing exported? Both kernel_read_file_from_fd() and kernel_read_file() are exported because they have users, however kernel_read_file() only has security stuff as a user. Do we want to get rid of the lsm hook for it? I also have some non-posted patches which tucks away these kernel_read*() exports under a symbol namespace, to avoid wide-spread use / abuse on areas in the kernel, so I'd be happy to take this on if we want to remove it export / lsm hook as part of my series. I did this as there is another series of patches for a new driver which extend these family of functions with a now pread() variant.... Luis
Powered by blists - more mailing lists