* [PATCH] TOMOYO: use designated initializers
@ 2016-12-17  1:05 Kees Cook
  2016-12-17  2:55 ` Tetsuo Handa
  0 siblings, 1 reply; 4+ messages in thread
From: Kees Cook @ 2016-12-17  1:05 UTC (permalink / raw)
  To: linux-kernel
  Cc: Kentaro Takeda, Tetsuo Handa, James Morris, Serge E. Hallyn,
	linux-security-module

Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 security/tomoyo/file.c   | 12 ++++++------
 security/tomoyo/tomoyo.c | 20 ++++++++++----------
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 7041a580019e..223f21ffa632 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -692,7 +692,7 @@ int tomoyo_path_number_perm(const u8 type, const struct path *path,
 {
 	struct tomoyo_request_info r;
 	struct tomoyo_obj_info obj = {
-		.path1 = *path,
+		.path1 = { .mnt = path->mnt, .dentry = path->dentry },
 	};
 	int error = -ENOMEM;
 	struct tomoyo_path_info buf;
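Review bot: The member-wise initializer `.path1 = { .mnt = path->mnt, .dentry = path->dentry }` in tomoyo_path_number_perm copies only the members it names, so a member added to `struct path` later would be left zero here with no diagnostic, whereas the `*path` struct copy it replaces carried every member and did not depend on member order. Presumably the build tooling flagged the struct copy, but the hunk and the description do not say why. A short comment at the initializer, such as `/* member-wise copy for layout randomization: keep in sync with struct path */`, would record the reason and the maintenance hazard. The same applies to the initializers in tomoyo_check_open_permission, tomoyo_path_perm, tomoyo_mkdev_perm and tomoyo_path2_perm; all five function bodies continue outside their hunks.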
@@ -740,7 +740,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
 	struct tomoyo_path_info buf;
 	struct tomoyo_request_info r;
 	struct tomoyo_obj_info obj = {
-		.path1 = *path,
+		.path1 = { .mnt = path->mnt, .dentry = path->dentry },
 	};
 	int idx;
 
@@ -786,7 +786,7 @@ int tomoyo_path_perm(const u8 operation, const struct path *path, const char *ta
 {
 	struct tomoyo_request_info r;
 	struct tomoyo_obj_info obj = {
-		.path1 = *path,
+		.path1 = { .mnt = path->mnt, .dentry = path->dentry },
 	};
 	int error;
 	struct tomoyo_path_info buf;
@@ -843,7 +843,7 @@ int tomoyo_mkdev_perm(const u8 operation, const struct path *path,
 {
 	struct tomoyo_request_info r;
 	struct tomoyo_obj_info obj = {
-		.path1 = *path,
+		.path1 = { .mnt = path->mnt, .dentry = path->dentry },
 	};
 	int error = -ENOMEM;
 	struct tomoyo_path_info buf;
@@ -890,8 +890,8 @@ int tomoyo_path2_perm(const u8 operation, const struct path *path1,
 	struct tomoyo_path_info buf2;
 	struct tomoyo_request_info r;
 	struct tomoyo_obj_info obj = {
-		.path1 = *path1,
-		.path2 = *path2,
+		.path1 = { .mnt = path1->mnt, .dentry = path1->dentry },
+		.path2 = { .mnt = path2->mnt, .dentry = path2->dentry }
 	};
 	int idx;
 
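Review bot: The new `.path2` initializer in tomoyo_path2_perm drops the trailing comma that the removed `.path2 = *path2,` line had and that every other initializer in this file section keeps. Writing it as `.path2 = { .mnt = path2->mnt, .dentry = path2->dentry },` keeps the style uniform and avoids touching this line again when another member is appended. The function body continues outside the hunk.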
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 75c998700190..b9569d497df2 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -165,7 +165,7 @@ static int tomoyo_path_truncate(const struct path *path)
  */
 static int tomoyo_path_unlink(const struct path *parent, struct dentry *dentry)
 {
-	struct path path = { parent->mnt, dentry };
+	struct path path = { .mnt = parent->mnt, .dentry = dentry };
 	return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);
 }
 
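Review bot: The on-stack `struct path` in tomoyo_path_unlink borrows `parent->mnt` and `dentry` without taking a reference in the visible lines, and nothing at the initializer documents that. Presumably the caller's references keep both alive for the duration of the hook, since `&path` is only handed to `tomoyo_path_perm()` before the function returns. A one-line comment above the initializer, such as `/* borrowed pointers: valid only for this call, no path_get() */`, would make that lifetime assumption explicit for anyone who later stores or defers use of the path. The same applies to the temporaries in the other hooks touched in this file (tomoyo_path_mkdir, tomoyo_path_rmdir, tomoyo_path_symlink, tomoyo_path_mknod, tomoyo_path_link, tomoyo_path_rename and tomoyo_sb_umount).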
@@ -181,7 +181,7 @@ static int tomoyo_path_unlink(const struct path *parent, struct dentry *dentry)
 static int tomoyo_path_mkdir(const struct path *parent, struct dentry *dentry,
 			     umode_t mode)
 {
-	struct path path = { parent->mnt, dentry };
+	struct path path = { .mnt = parent->mnt, .dentry = dentry };
 	return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path,
 				       mode & S_IALLUGO);
 }
@@ -196,7 +196,7 @@ static int tomoyo_path_mkdir(const struct path *parent, struct dentry *dentry,
  */
 static int tomoyo_path_rmdir(const struct path *parent, struct dentry *dentry)
 {
-	struct path path = { parent->mnt, dentry };
+	struct path path = { .mnt = parent->mnt, .dentry = dentry };
 	return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);
 }
 
@@ -212,7 +212,7 @@ static int tomoyo_path_rmdir(const struct path *parent, struct dentry *dentry)
 static int tomoyo_path_symlink(const struct path *parent, struct dentry *dentry,
 			       const char *old_name)
 {
-	struct path path = { parent->mnt, dentry };
+	struct path path = { .mnt = parent->mnt, .dentry = dentry };
 	return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);
 }
 
@@ -229,7 +229,7 @@ static int tomoyo_path_symlink(const struct path *parent, struct dentry *dentry,
 static int tomoyo_path_mknod(const struct path *parent, struct dentry *dentry,
 			     umode_t mode, unsigned int dev)
 {
-	struct path path = { parent->mnt, dentry };
+	struct path path = { .mnt = parent->mnt, .dentry = dentry };
 	int type = TOMOYO_TYPE_CREATE;
 	const unsigned int perm = mode & S_IALLUGO;
 
@@ -268,8 +268,8 @@ static int tomoyo_path_mknod(const struct path *parent, struct dentry *dentry,
 static int tomoyo_path_link(struct dentry *old_dentry, const struct path *new_dir,
 			    struct dentry *new_dentry)
 {
-	struct path path1 = { new_dir->mnt, old_dentry };
-	struct path path2 = { new_dir->mnt, new_dentry };
+	struct path path1 = { .mnt = new_dir->mnt, .dentry = old_dentry };
+	struct path path2 = { .mnt = new_dir->mnt, .dentry = new_dentry };
 	return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);
 }
 
@@ -288,8 +288,8 @@ static int tomoyo_path_rename(const struct path *old_parent,
 			      const struct path *new_parent,
 			      struct dentry *new_dentry)
 {
-	struct path path1 = { old_parent->mnt, old_dentry };
-	struct path path2 = { new_parent->mnt, new_dentry };
+	struct path path1 = { .mnt = old_parent->mnt, .dentry = old_dentry };
+	struct path path2 = { .mnt = new_parent->mnt, .dentry = new_dentry };
 	return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);
 }
 
@@ -417,7 +417,7 @@ static int tomoyo_sb_mount(const char *dev_name, const struct path *path,
  */
 static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)
 {
-	struct path path = { mnt, mnt->mnt_root };
+	struct path path = { .mnt = mnt, .dentry = mnt->mnt_root };
 	return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);
 }
 
-- 
2.7.4


-- 
Kees Cook
Nexus Security


* Re: [PATCH] TOMOYO: use designated initializers
  2016-12-17  1:05 [PATCH] TOMOYO: use designated initializers Kees Cook
@ 2016-12-17  2:55 ` Tetsuo Handa
  2017-03-29 20:45   ` Kees Cook
  0 siblings, 1 reply; 4+ messages in thread
From: Tetsuo Handa @ 2016-12-17  2:55 UTC (permalink / raw)
  To: keescook, linux-kernel
  Cc: takedakn, james.l.morris, serge, linux-security-module

Kees Cook wrote:
> Prepare to mark sensitive kernel structures for randomization by making
> sure they're using designated initializers. These were identified during
> allyesconfig builds of x86, arm, and arm64, with most initializer fixes
> extracted from grsecurity.
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  security/tomoyo/file.c   | 12 ++++++------
>  security/tomoyo/tomoyo.c | 20 ++++++++++----------
>  2 files changed, 16 insertions(+), 16 deletions(-)

Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>

James, please apply to linux-security.git .


* Re: [PATCH] TOMOYO: use designated initializers
  2016-12-17  2:55 ` Tetsuo Handa
@ 2017-03-29 20:45   ` Kees Cook
  2017-03-29 22:32     ` James Morris
  0 siblings, 1 reply; 4+ messages in thread
From: Kees Cook @ 2017-03-29 20:45 UTC (permalink / raw)
  To: Tetsuo Handa
  Cc: LKML, Kentaro Takeda, James Morris, Serge E. Hallyn,
	linux-security-module

On Fri, Dec 16, 2016 at 6:55 PM, Tetsuo Handa
<penguin-kernel@i-love.sakura.ne.jp> wrote:
> Kees Cook wrote:
>> Prepare to mark sensitive kernel structures for randomization by making
>> sure they're using designated initializers. These were identified during
>> allyesconfig builds of x86, arm, and arm64, with most initializer fixes
>> extracted from grsecurity.
>>
>> Signed-off-by: Kees Cook <keescook@chromium.org>
>> ---
>>  security/tomoyo/file.c   | 12 ++++++------
>>  security/tomoyo/tomoyo.c | 20 ++++++++++----------
>>  2 files changed, 16 insertions(+), 16 deletions(-)
>
> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
>
> James, please apply to linux-security.git .

Friendly ping. :) James, I don't think this ever got into -next?

-Kees

-- 
Kees Cook
Pixel Security


* Re: [PATCH] TOMOYO: use designated initializers
  2017-03-29 20:45   ` Kees Cook
@ 2017-03-29 22:32     ` James Morris
  0 siblings, 0 replies; 4+ messages in thread
From: James Morris @ 2017-03-29 22:32 UTC (permalink / raw)
  To: Kees Cook, Tetsuo Handa
  Cc: LKML, Kentaro Takeda, Serge E. Hallyn, linux-security-module

On 30/03/17 07:45, Kees Cook wrote:
> On Fri, Dec 16, 2016 at 6:55 PM, Tetsuo Handa
> <penguin-kernel@i-love.sakura.ne.jp> wrote:
>> Kees Cook wrote:
>>> Prepare to mark sensitive kernel structures for randomization by making
>>> sure they're using designated initializers. These were identified during
>>> allyesconfig builds of x86, arm, and arm64, with most initializer fixes
>>> extracted from grsecurity.
>>>
>>> Signed-off-by: Kees Cook <keescook@chromium.org>
>>> ---
>>>  security/tomoyo/file.c   | 12 ++++++------
>>>  security/tomoyo/tomoyo.c | 20 ++++++++++----------
>>>  2 files changed, 16 insertions(+), 16 deletions(-)
>>
>> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
>>
>> James, please apply to linux-security.git .
>
> Friendly ping. :) James, I don't think this ever got into -next?

Please resend it.

