Re: [PATCH v2 15/18] fs/kernel_file_read: Add "offset" arg for partial reads

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 22, 2020 at 03:29:26PM -0700, Scott Branden wrote:
> These changes don't pass the kernel-selftest for partial reads I added
> (which are at the end of this patch v2 series).

Oh, interesting. Is there any feedback in dmesg? I wonder if I have the
LSMs configured differently than you?

> See change below added for temp workaround for issue.

> > [...]
> > +
> > +	whole_file = (offset == 0 && i_size <= buf_size);
> A hack to get this passing I added which probably breaks some security?
> if (whole_file) {
> > +	ret = security_kernel_read_file(file, id, whole_file);
> > +	if (ret)
> > +		goto out;
> > +
> }

This would imply I did something wrong in the LSM hook refactoring (i.e.
some LSM is rejecting the !whole_file case, but if the entire call to
the hooks are skipped, it's okay).

What does this return on your test system:

	echo $(cat /sys/kernel/security/lsm)

(I wonder if I have IMA configured differently...)

Mimi, have you had a chance to test these changes?

-- 
Kees Cook

_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec



[Index of Archives]     [LM Sensors]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Gimp]     [Yosemite News]     [Linux Media]

  Powered by Linux