From: James Morris <jmorris@namei.org>
To: Ondrej Mosnacek <omosnace@redhat.com>
Cc: Linux Security Module list
<linux-security-module@vger.kernel.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
Casey Schaufler <casey@schaufler-ca.com>,
SElinux list <selinux@vger.kernel.org>,
Paul Moore <paul@paul-moore.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
John Johansen <john.johansen@canonical.com>,
Kees Cook <keescook@chromium.org>,
Micah Morton <mortonm@chromium.org>,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Subject: Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks()
Date: Thu, 9 Jan 2020 05:47:47 +1100 (AEDT) [thread overview]
Message-ID: <alpine.LRH.2.21.2001090547340.27794@namei.org> (raw)
In-Reply-To: <CAFqZXNvbNqrTJWxdQU4P-7O-kLRcGW+QcL7LY5Ca8rULLm2ScA@mail.gmail.com>
On Wed, 8 Jan 2020, Ondrej Mosnacek wrote:
> > > {
> > > const struct cred *cred = current_cred();
> > > struct superblock_security_struct *sbsec = sb->s_security;
> > > - struct dentry *root = sbsec->sb->s_root;
> > > struct selinux_mnt_opts *opts = mnt_opts;
> >
> > Seems like there are a bunch of unrelated cleanups mixed in here.
>
> These are not unrelated - we need to avoid dereferencing the security
> structs before checking selinux_disabled(), because they may be NULL
> or uninitialized when SELinux has been diabled.
Ok.
--
James Morris
<jmorris@namei.org>
prev parent reply other threads:[~2020-01-08 18:48 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-07 13:31 [PATCH 0/2] LSM: Drop security_delete_hooks() Ondrej Mosnacek
2020-01-07 13:31 ` [PATCH 1/2] selinux: treat atomic flags more carefully Ondrej Mosnacek
2020-01-07 14:45 ` Stephen Smalley
2020-01-07 18:09 ` Kees Cook
2020-01-07 19:45 ` James Morris
2020-01-10 20:22 ` Paul Moore
2020-01-10 20:21 ` Paul Moore
2020-01-07 13:31 ` [PATCH 2/2] security,selinux: get rid of security_delete_hooks() Ondrej Mosnacek
2020-01-07 14:47 ` [PATCH 2/2] security, selinux: " Stephen Smalley
2020-01-08 5:31 ` Paul Moore
2020-01-08 8:15 ` Ondrej Mosnacek
2020-01-08 13:45 ` Paul Moore
2020-01-08 14:49 ` Stephen Smalley
2020-01-07 16:46 ` [PATCH 2/2] security,selinux: " Casey Schaufler
2020-01-07 18:10 ` Kees Cook
2020-01-07 19:59 ` James Morris
2020-01-08 8:21 ` Ondrej Mosnacek
2020-01-08 18:47 ` James Morris [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LRH.2.21.2001090547340.27794@namei.org \
--to=jmorris@namei.org \
--cc=casey@schaufler-ca.com \
--cc=john.johansen@canonical.com \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mortonm@chromium.org \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=sds@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.