From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
To: jlbec@evilplan.org
Cc: ocfs2-devel@oss.oracle.com, reiserfs-devel@vger.kernel.org,
eparis@parisplace.org, casey@schaufler-ca.com, zohar@us.ibm.com,
serge.hallyn@canonical.com, linux-fsdevel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH] xattr: Constify ->name member of "struct xattr".
Date: Sun, 9 Jun 2013 21:09:56 +0900 [thread overview]
Message-ID: <201306092109.GBB81777.JOHtFOMQVLSFOF@I-love.SAKURA.ne.jp> (raw)
In-Reply-To: <20130609090721.GD5531@localhost>
Joel Becker wrote:
> I can't really comment on the concept, but if security folks agree, the
> ocfs2 part looks fine.
This is merely a bugfix/cleanup with a bit of cpu usage reduction.
I noticed that EVM by error returns "struct xattr"->name == NULL and
"struct xattr"->value != NULL if kstrdup(XATTR_EVM_SUFFIX, GFP_NOFS) failed,
resulting in EVM security attribute not associated with inode and leak memory.
The proposed (but now turned out to be incorrect) fix is
http://marc.info/?l=linux-security-module&m=136965357007829&w=2 .
But I also noticed that all of SELinux, Smack and EVM sets "struct xattr"->name
a kstrdup()ed constant suffix. Therefore, if passing constant suffix
("const char *") rather than kstrdup()ed constant suffix ("char *") does not
break "struct xattr"->name users, SELinux, Smack and EVM can omit kstrdup()ing
their constant suffix. Therefore, I'm querying you whether changing from
"char *name" to "const char *name" breaks your filesystem.
If my proposal breaks your filesystem, I'm happy to fix only EVM code.
Regards.
WARNING: multiple messages have this Message-ID (diff)
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
To: jlbec@evilplan.org
Cc: ocfs2-devel@oss.oracle.com, reiserfs-devel@vger.kernel.org,
eparis@parisplace.org, casey@schaufler-ca.com, zohar@us.ibm.com,
serge.hallyn@canonical.com, linux-fsdevel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: [Ocfs2-devel] [PATCH] xattr: Constify ->name member of "struct xattr".
Date: Sun, 09 Jun 2013 12:10:47 -0000 [thread overview]
Message-ID: <201306092109.GBB81777.JOHtFOMQVLSFOF@I-love.SAKURA.ne.jp> (raw)
In-Reply-To: <20130609090721.GD5531@localhost>
Joel Becker wrote:
> I can't really comment on the concept, but if security folks agree, the
> ocfs2 part looks fine.
This is merely a bugfix/cleanup with a bit of cpu usage reduction.
I noticed that EVM by error returns "struct xattr"->name == NULL and
"struct xattr"->value != NULL if kstrdup(XATTR_EVM_SUFFIX, GFP_NOFS) failed,
resulting in EVM security attribute not associated with inode and leak memory.
The proposed (but now turned out to be incorrect) fix is
http://marc.info/?l=linux-security-module&m=136965357007829&w=2 .
But I also noticed that all of SELinux, Smack and EVM sets "struct xattr"->name
a kstrdup()ed constant suffix. Therefore, if passing constant suffix
("const char *") rather than kstrdup()ed constant suffix ("char *") does not
break "struct xattr"->name users, SELinux, Smack and EVM can omit kstrdup()ing
their constant suffix. Therefore, I'm querying you whether changing from
"char *name" to "const char *name" breaks your filesystem.
If my proposal breaks your filesystem, I'm happy to fix only EVM code.
Regards.
next prev parent reply other threads:[~2013-06-09 12:09 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-29 12:52 [RFC] xattr: Constify ->name member of "struct xattr" Tetsuo Handa
2013-06-08 12:54 ` [PATCH] " Tetsuo Handa
2013-06-08 12:55 ` [Ocfs2-devel] " Tetsuo Handa
2013-06-08 12:54 ` Tetsuo Handa
2013-06-09 9:07 ` Joel Becker
2013-06-09 9:07 ` [Ocfs2-devel] " Joel Becker
2013-06-09 12:09 ` Tetsuo Handa [this message]
2013-06-09 12:10 ` Tetsuo Handa
2013-06-24 13:05 ` Tetsuo Handa
2013-06-24 13:05 ` Tetsuo Handa
[not found] ` <201307231723.GBI69775.VSOLHFQFOOtJMF@I-love.SAKURA.ne.jp>
2013-07-24 19:34 ` Eric Paris
2013-06-10 11:54 ` Serge Hallyn
2013-06-10 11:54 ` [Ocfs2-devel] " Serge Hallyn
2013-06-10 15:53 ` Casey Schaufler
2013-06-10 15:53 ` [Ocfs2-devel] " Casey Schaufler
2013-07-23 18:27 ` Paul Moore
2013-07-23 18:27 ` [Ocfs2-devel] " Paul Moore
2013-07-23 18:27 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201306092109.GBB81777.JOHtFOMQVLSFOF@I-love.SAKURA.ne.jp \
--to=penguin-kernel@i-love.sakura.ne.jp \
--cc=casey@schaufler-ca.com \
--cc=eparis@parisplace.org \
--cc=jlbec@evilplan.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=ocfs2-devel@oss.oracle.com \
--cc=reiserfs-devel@vger.kernel.org \
--cc=serge.hallyn@canonical.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.