Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: dancol <dancol@xxxxxxxxxx>
Subject: Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
From: Paul Moore <paul@xxxxxxxxxxxxxx>
Date: Wed, 6 Jan 2021 22:05:36 -0500
Cc: Lokesh Gidra <lokeshgidra@xxxxxxxxxx>, Andrea Arcangeli <aarcange@xxxxxxxxxx>, Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>, James Morris <jmorris@xxxxxxxxx>, Stephen Smalley <stephen.smalley.work@xxxxxxxxx>, Casey Schaufler <casey@xxxxxxxxxxxxxxxx>, Eric Biggers <ebiggers@xxxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Eric Paris <eparis@xxxxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>, KP Singh <kpsingh@xxxxxxxxxx>, David Howells <dhowells@xxxxxxxxxx>, Anders Roxell <anders.roxell@xxxxxxxxxx>, Sami Tolvanen <samitolvanen@xxxxxxxxxx>, Matthew Garrett <matthewgarrett@xxxxxxxxxx>, Aaron Goidel <acgoide@xxxxxxxxxxxxx>, Randy Dunlap <rdunlap@xxxxxxxxxxxxx>, "Joel Fernandes (Google)" <joel@xxxxxxxxxxxxxxxxx>, YueHaibing <yuehaibing@xxxxxxxxxx>, Christian Brauner <christian.brauner@xxxxxxxxxx>, Alexei Starovoitov <ast@xxxxxxxxxx>, Alexey Budankov <alexey.budankov@xxxxxxxxxxxxxxx>, Adrian Reber <areber@xxxxxxxxxx>, Aleksa Sarai <cyphar@xxxxxxxxxx>, linux-fsdevel@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, selinux@xxxxxxxxxxxxxxx, kaleshsingh@xxxxxxxxxx, calin@xxxxxxxxxx, surenb@xxxxxxxxxx, jeffv@xxxxxxxxxx, kernel-team@xxxxxxxxxxx, linux-mm@xxxxxxxxx, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, hch@xxxxxxxxxxxxx, Daniel Colascione <dancol@xxxxxxxxxx>, Eric Biggers <ebiggers@xxxxxxxxxx>
In-reply-to: <f7dfe33a4d0f9c27f3e25f72a988201a@dancol.org>
References: <20201112015359.1103333-1-lokeshgidra@google.com> <20201112015359.1103333-3-lokeshgidra@google.com> <CAHC9VhScpFVtxzU_nUDUc4zGT7+EZKFRpYAm+Ps5vd2AjKkaMQ@mail.gmail.com> <f7dfe33a4d0f9c27f3e25f72a988201a@dancol.org>

On Wed, Jan 6, 2021 at 9:42 PM dancol <dancol@xxxxxxxxxx> wrote:
>
> On 2021-01-06 21:09, Paul Moore wrote:
> > Is it necessary to pass both the context_inode pointer and the secure
> > boolean?  It seems like if context_inode is non-NULL then one could
> > assume that a secure anonymous inode was requested; is there ever
> > going to be a case where this is not true?
>
> The converse isn't true though: it makes sense to ask for a secure inode
> with a NULL context inode.

Having looked at patch 3/4 and 4/4 I just realized that and was coming
back to update my comments :)

-- 
paul moore
www.paul-moore.com

References:
- [PATCH v13 0/4] SELinux support for anonymous inodes and UFFD
  - From: Lokesh Gidra
- [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
  - From: Lokesh Gidra
- Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
  - From: Paul Moore
- Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
  - From: dancol

Prev by Date: Re: [PATCH v13 3/4] selinux: teach SELinux about anonymous inodes
Next by Date: Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
Previous by thread: Re: [PATCH v13 2/4] fs: add LSM-supporting anon-inode interface
Next by thread: [PATCH v13 4/4] userfaultfd: use secure anon inodes for userfaultfd
Index(es):
- Date
- Thread

[Index of Archives] [Selinux Refpolicy] [Linux SGX] [Fedora Users] [Fedora Desktop] [Yosemite Photos] [Yosemite Camping] [Yosemite Campsites] [KDE Users] [Gnome Users]