| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Dec 2023 15:22:50 +0100 From: Alfred Piccioni <alpic@...gle.com> To: Paul Moore <paul@...l-moore.com>, Stephen Smalley <stephen.smalley.work@...il.com>, Eric Paris <eparis@...isplace.org> Cc: stable@...r.kernel.org, selinux@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] SELinux: Introduce security_file_ioctl_compat hook > s/emmits/emits/ Fixed. > It doesn't (or shouldn't) replace security_file_ioctl, and the hook > doesn't appear to be conditional on CONFIG_COMPAT per se. > It is a new hook that is called from the compat ioctl syscall. The old > hook continues to be used from the regular ioctl syscall and > elsewhere. Yup, reworded to be more correct. Partially lack of understanding on my part of how the ioctl syscalls were being made. > I don't understand why you made this change, possibly a leftover of an > earlier version of the patch that tried to replace > security_file_ioctl() everywhere? Correct. Forgot to go back and remove it. Fixed. > By the way, for extra credit, you could augment the ioctl tests in the > selinux-testsuite to also exercise this new hook and confirm that it > works correctly. See > https://github.com/SELinuxProject/selinux-testsuite particularly > tests/ioctl and policy/test_ioctl.te. Feel free to ask for help on > that. I do like extra credit. I'll take a look and see if it's something I can tackle. I'm primarily doing ad hoc checks on Android devices, so I'm unsure how easy it will be for me to run the suite. I'll get back to you shortly on that.
Powered by blists - more mailing lists