| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251209091359.GW1712166@ZenIV> Date: Tue, 9 Dec 2025 09:13:59 +0000 From: Al Viro <viro@...iv.linux.org.uk> To: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com> Cc: Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] file: Call security_file_alloc() after initializing the filp On Tue, Dec 09, 2025 at 03:53:47PM +0800, Tianjia Zhang wrote: > When developing a dedicated LSM module, we need to operate on the > file object within the LSM function, such as retrieving the path. > However, in `security_file_alloc()`, the passed-in `filp` is > only a valid pointer; the content of `filp` is completely > uninitialized and entirely random, which confuses the LSM function. > > Therefore, it is necessary to call `security_file_alloc()` only > after the main fields of the `filp` object have been initialized. > This patch only moves the call to `security_file_alloc()` to the > end of the `init_file()` function. Which fields would those be and why would ->file_alloc(), which is not called anywhere else, depend on any values being stored there? And how would init_file() know which path we are going to use that struct file for, anyway, considering that file is allocated and init_file() called *before* we get around to resolving the pathname?
Powered by blists - more mailing lists