On Tue, Sep 02, 2008 at 01:31:50PM +0900, Kentaro Takeda wrote:
> Al, could you answer the following question?
>
>
> The current Linux kernel is not designed to pass the vfsmount parameter,
> which is crucial for pathname-based security including AppArmor and
> TOMOYO Linux, to LSM. Though both projects have been proposing
> patches to calculate the pathname, none of them have been accepted, as
> you know.
>
> To find the reason for the NACK, we examined past proposals and the
> threads. And we came to understand that you oppose accessing vfsmount
> inside vfs helper functions. Is our understanding correct?
>
> If our understanding is correct, we would like to propose a new
> method that does not require modifications to vfs helper functions.
> The attached patch is a trial of this method.
>
> vfs helper functions are surrounded by mnt_want_write() and
> mnt_drop_write() pairs, which receive a "struct vfsmount" parameter
> since 2.6.26. So, by remembering the absolute pathname of the "struct
> vfsmount" of the moment, an LSM module can calculate an absolute
> pathname of the given "struct dentry" parameter inside vfs_*
> functions, without passing a "struct vfsmount" parameter to vfs_*
> functions.
>
> This approach doesn't access vfsmount inside vfs helper functions,
> and the modification to the existing kernel is only in task_struct and
> mnt_want/drop_write().

I don't know what Al Viro will say, but this is incredibly ugly.
Even more ugly than previous patches.

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
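The mechanism Takeda describes (remember the vfsmount when mnt_want_write() is entered, then rebuild the absolute path from the dentry alone inside the vfs_* helper) is modelled below in userspace C as an added example. This is not the attached patch and not kernel code: every struct, function and the mount layout (a root filesystem at "/", a bind mount of the whole tree at "/mnt/bind", a bind mount of /etc at "/chroot/etc") is an assumption made here to show the idea, why the same dentry gets different names depending on which vfsmount the caller was holding, and what the LSM sees when no mnt_want_write()/mnt_drop_write() pair brackets the helper.

```c
/* Userspace model of the "remember the vfsmount in task_struct" proposal.
 * All names below are hypothetical stand-ins for the kernel objects. */
#include <assert.h>
#include <stdio.h>
#include <string.h>

struct dentry   { const char *name; struct dentry *parent; };
struct vfsmount { const char *mnt_path; struct dentry *mnt_root; };

/* Per-task stack of mounts whose mnt_want_write() has not been dropped yet
 * (the proposal adds something like this to task_struct). */
#define MNT_STACK 8
struct task_struct { const struct vfsmount *want_write[MNT_STACK]; int depth; };
static struct task_struct current_task;
#define current (&current_task)

static int mnt_want_write(const struct vfsmount *mnt)
{
    if (current->depth >= MNT_STACK)
        return -1;                              /* toy: stack exhausted */
    current->want_write[current->depth++] = mnt; /* remember the mount */
    return 0;
}

static void mnt_drop_write(const struct vfsmount *mnt)
{
    assert(current->depth > 0 && current->want_write[current->depth - 1] == mnt);
    current->depth--;                           /* forget it again */
}

/* LSM side: name the dentry using only the mount remembered on current.
 * Returns 0 and fills buf, or -1 if no mount was remembered or the dentry
 * is not below that mount's root. */
static int lsm_dentry_path(const struct dentry *d, char *buf, size_t len)
{
    if (current->depth == 0)
        return -1;
    const struct vfsmount *mnt = current->want_write[current->depth - 1];

    const char *comps[32];
    int n = 0;
    for (const struct dentry *p = d; p != mnt->mnt_root; p = p->parent) {
        if (!p->parent || n >= 32)
            return -1;                          /* walked off without hitting mnt_root */
        comps[n++] = p->name;
    }

    int w = snprintf(buf, len, "%s", mnt->mnt_path);
    if (w < 0 || (size_t)w >= len)
        return -1;
    size_t off = (size_t)w;
    for (int i = n - 1; i >= 0; i--) {
        const char *sep = (off > 0 && buf[off - 1] == '/') ? "" : "/";
        w = snprintf(buf + off, len - off, "%s%s", sep, comps[i]);
        if (w < 0 || (size_t)w >= len - off)
            return -1;
        off += (size_t)w;
    }
    return 0;
}

/* Modelled vfs helper: like the real vfs_unlink() it gets no vfsmount, so the
 * security hook that would run here has only the dentry and current. */
int vfs_unlink_model(struct dentry *dir, struct dentry *victim, char *out, size_t len)
{
    (void)dir;
    return lsm_dentry_path(victim, out, len);
}

/* Modelled caller in the style of do_unlinkat(): want_write -> helper -> drop_write. */
int do_unlink_model(const struct vfsmount *mnt, struct dentry *dir,
                    struct dentry *victim, char *out, size_t len)
{
    int err = mnt_want_write(mnt);
    if (err)
        return err;
    err = vfs_unlink_model(dir, victim, out, len);
    mnt_drop_write(mnt);
    return err;
}

/* Constructed mount layout: one dentry tree reachable through three mounts. */
static struct dentry root_d   = { "",       NULL    };
static struct dentry etc_d    = { "etc",    &root_d };
static struct dentry passwd_d = { "passwd", &etc_d  };
struct vfsmount rootfs  = { "/",           &root_d };
struct vfsmount bindmnt = { "/mnt/bind",   &root_d };
struct vfsmount etcbind = { "/chroot/etc", &etc_d  };

int demo_unlink_passwd_via(const struct vfsmount *mnt, char *out, size_t len)
{
    return do_unlink_model(mnt, &etc_d, &passwd_d, out, len);
}

int main(void)
{
    char buf[128];
    const struct vfsmount *mnts[] = { &rootfs, &bindmnt, &etcbind };
    for (size_t i = 0; i < 3; i++)
        if (demo_unlink_passwd_via(mnts[i], buf, sizeof buf) == 0)
            printf("via %-12s -> %s\n", mnts[i]->mnt_path, buf);
    return 0;
}
```

The same struct dentry (passwd_d) is reported as /etc/passwd, /mnt/bind/etc/passwd or /chroot/etc/passwd depending solely on which vfsmount the caller pushed, which is exactly the information the existing vfs_* signatures do not carry; and a helper invoked without a surrounding mnt_want_write() leaves the LSM with nothing to name the object by.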