On 9/5/2013 11:48 AM, Kees Cook wrote:
> On Mon, Aug 26, 2013 at 7:29 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>> On 8/6/2013 3:36 PM, Kees Cook wrote:
>>> On Tue, Aug 6, 2013 at 3:25 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>>>> On 8/5/2013 11:30 PM, Kees Cook wrote:
>>>>> On Thu, Jul 25, 2013 at 11:52 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>>>>>> The /proc/*/attr interfaces are given to one LSM. This can be
>>>>>> done by setting CONFIG_SECURITY_PRESENT. Additional interfaces
>>>>>> have been created in /proc/*/attr so that each LSM has its own
>>>>>> named interfaces. The name of the presenting LSM can be read from
>>>>> For me, this is one problem that was bothering me, but it was a cosmetic
>>>>> one that I'd mentioned before: I really disliked the /proc/$pid/attr
>>>>> interface being named "$lsm.$file". I feel it's important to build
>>>>> directories in attr/ for each LSM. So, I spent time to figure out a way to
>>>>> do this. This patch changes the interface to /proc/$pid/attr/$lsm/$file
>>>>> instead, which I feel has a much more appealing organizational structure.
>>>> I will confess that the reason I went with <lsm>.current instead of
>>>> <lsm>/current was that the former was easier to implement.
>>> Yeah, that's totally fine. It wasn't very obvious (to me) how to
>>> implement this initially, so no problem at all. I'm glad there was
>>> something more than bug fixes I could contribute to this series. :)
>> Oh dear. I'm rebasing for 3.12 and the macros don't generate compiling
>> code any longer. It seems that, among other things, readdir is no longer
>> a member of file_operations.
> Looks like f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa is what touched
> fs/proc/base.c and it should just need a few tweaks from "readdir"
> becoming "iterate", and the prototype changing.
>
> So it should just require bump the macros a little. Let's see if gmail
> eats my paste...
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 4c80ffd..f670349 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2358,17 +2358,17 @@ static const struct file_operations proc_pid_attr_operat
> };
>
> #define LSM_DIR_OPS(LSM) \
> -static int proc_##LSM##_attr_dir_readdir(struct file * filp, \
> - void * dirent, filldir_t filldir) \
> +static int proc_##LSM##_attr_dir_iterate(struct file * filp, \
> + struct dir_context *ctx) \
> { \
> - return proc_pident_readdir(filp, dirent, filldir, \
> + return proc_pident_readdir(filp, ctx, \
> LSM##_attr_dir_stuff, \
> ARRAY_SIZE(LSM##_attr_dir_stuff)); \
> } \
> \
> static const struct file_operations proc_##LSM##_attr_dir_ops = { \
> .read = generic_read_dir, \
> - .readdir = proc_##LSM##_attr_dir_readdir, \
> + .iterate = proc_##LSM##_attr_dir_iterate, \
> .llseek = default_llseek, \
> }; \
> \
>
>
> Do you have the rest of the series already ported to 3.12?
>
> -Kees
>
Yes, but I did it last week before my holiday started, and have not updated since.
I will become active again upon my return. I hope to have the 3.12 version posted
before the Security Summit.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
