lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 06 Aug 2020 20:23:51 -0400
From:   Mimi Zohar <>
To:     Kees Cook <>,
        Greg Kroah-Hartman <>
Cc:     Scott Branden <>,
        Luis Chamberlain <>,
        Takashi Iwai <>, Jessica Yu <>,
        SeongJae Park <>,
        KP Singh <>,,,,,,
Subject: Re: [PATCH v4 12/17] LSM: Add "contents" flag to kernel_read_file

On Wed, 2020-07-29 at 10:58 -0700, Kees Cook wrote:
> As with the kernel_load_data LSM hook, add a "contents" flag to the
> kernel_read_file LSM hook that indicates whether the LSM can expect
> a matching call to the kernel_post_read_file LSM hook with the full
> contents of the file. With the coming addition of partial file read
> support for kernel_read_file*() API, the LSM will no longer be able
> to always see the entire contents of a file during the read calls.
> For cases where the LSM must read examine the complete file contents,
> it will need to do so on its own every time the kernel_read_file
> hook is called with contents=false (or reject such cases). Adjust all
> existing LSMs to retain existing behavior.
> Signed-off-by: Kees Cook <>

Reviewed-by: Mimi Zohar <>

Powered by blists - more mailing lists