| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Apr 2024 11:02:53 -0400 From: Paul Moore <paul@...l-moore.com> To: Mimi Zohar <zohar@...ux.ibm.com> Cc: Roberto Sassu <roberto.sassu@...weicloud.com>, viro@...iv.linux.org.uk, brauner@...nel.org, jack@...e.cz, jmorris@...ei.org, serge@...lyn.com, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, linux-cifs@...r.kernel.org, linux-integrity@...r.kernel.org, pc@...guebit.com, torvalds@...ux-foundation.org, Roberto Sassu <roberto.sassu@...wei.com>, Steve French <smfrench@...il.com> Subject: Re: [RESEND][PATCH v3] security: Place security_path_post_mknod() where the original IMA call was On Wed, Apr 3, 2024 at 9:11 AM Mimi Zohar <zohar@...ux.ibm.com> wrote: > On Wed, 2024-04-03 at 11:07 +0200, Roberto Sassu wrote: > > > > However, as reported by VFS maintainers, successful mknod operation does > > not mean that the dentry always has an inode attached to it (for example, > > not for FIFOs on a SAMBA mount). > > > > If that condition happens, the kernel crashes when > > security_path_post_mknod() attempts to verify if the inode associated to > > the dentry is private. > > This is an example of why making the LSM hook more generic than needed didn't > work. Based on the discussion there is no valid reason for making the hook more > generic. I agree, I think we all do, but I don't think we want to get into process discussions in the patch description. The description explains the original motivation for the buggy commit, the problem it caused, and the solution; that's enough IMHO. -- paul-moore.com
Powered by blists - more mailing lists