Displaying 9 results from an estimated 9 matches for "security_old_inode_init_secur".
2022 Dec 01
1
[PATCH v7 3/6] security: Remove security_old_inode_init_security()
From: Roberto Sassu <roberto.sassu at huawei.com>
As the remaining two users reiserfs and ocfs2 switched to
security_inode_init_security(), security_old_inode_init_security() can be
now removed.
Out-of-tree kernel modules should switch to security_inode_init_security()
too.
Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
---
include/linux/security.h | 12 ------------
security/securi...
2023 Mar 14
2
[PATCH v8 2/6] ocfs2: Switch to security_inode_init_security()
From: Roberto Sassu <roberto.sassu at huawei.com>
In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().
Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.
As fs_info was not used before, ocfs2_initxattrs() can now handle the...
2023 Mar 14
1
[PATCH v8 3/6] security: Remove security_old_inode_init_security()
From: Roberto Sassu <roberto.sassu at huawei.com>
As the remaining two users reiserfs and ocfs2 switched to
security_inode_init_security(), security_old_inode_init_security() can be
now removed.
Out-of-tree kernel modules should switch to security_inode_init_security()
too.
Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
---
incl...
2023 Jan 10
3
[PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()
On Thu, 2022-12-01 at 11:41 +0100, Roberto Sassu wrote:
> From: Roberto Sassu <roberto.sassu at huawei.com>
>
> In preparation for removing security_old_inode_init_security(), switch to
> security_inode_init_security().
>
> Extend the existing ocfs2_initxattrs() to take the
> ocfs2_security_xattr_info structure from fs_info, and populate the
> name/value/len triple with the first xattr provided by LSMs.
Hi Mark, Joel, Joseph
some time ago I sent t...
2023 Mar 14
7
[PATCH v8 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...other LSMs, needs to have visibility of all xattrs and not only the one
that the LSM infrastructure passes to the LSM to be set.
The solution is to replace in the inode_init_security definition the
name/value/len parameters with the beginning of the array containing all
xattrs set by LSMs. Due to security_old_inode_init_security() API
limitation of setting only one xattr, it has been dropped and the remaining
users, ocfs2 and reiserfs, switch to security_inode_init_security().
However, due to the complexity of the changes required to fully exploit the
ability of security_inode_init_security() to set multiple xattrs, tho...
2023 Feb 21
0
[PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()
...y: Joseph Qi <joseph.qi at linux.alibaba.com>
>
> On 1/10/23 4:55 PM, Roberto Sassu wrote:
> > On Thu, 2022-12-01 at 11:41 +0100, Roberto Sassu wrote:
> > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > >
> > > In preparation for removing security_old_inode_init_security(), switch to
> > > security_inode_init_security().
> > >
> > > Extend the existing ocfs2_initxattrs() to take the
> > > ocfs2_security_xattr_info structure from fs_info, and populate the
> > > name/value/len triple with the first xattr provided by LS...
2022 Dec 01
8
[PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...other LSMs, needs to have visibility of all xattrs and not only the one
that the LSM infrastructure passes to the LSM to be set.
The solution is to replace in the inode_init_security definition the
name/value/len parameters with the beginning of the array containing all
xattrs set by LSMs. Due to security_old_inode_init_security() API
limitation of setting only one xattr, it has been dropped and the remaining
users, ocfs2 and reiserfs, switch to security_inode_init_security().
However, due to the complexity of the changes required to fully exploit the
ability of security_inode_init_security() to set multiple xattrs, tho...
2023 Mar 14
1
[PATCH v8 1/6] reiserfs: Switch to security_inode_init_security()
From: Roberto Sassu <roberto.sassu at huawei.com>
In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security(). Commit 572302af1258 ("reiserfs: Add missing
calls to reiserfs_security_free()") fixed possible memory leaks and another
issue related to adding an xattr at inode creation time.
Define the initxattrs callback reiserfs_initxattrs(), to popula...
2023 Mar 05
1
ocfs2 xattr
...-------------------------------------------------------------
Hi,
I'm seeing the crash below on 6.1 and 6.2 kernels when trying to copy a
directory to OCFS2 filesystem. The problem seems to be that si->name
is NULL so strlen crashes on that. Is this a known problem related to
the deprecated security_old_inode_init_security?
[ 27.386786] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 27.386818] #PF: supervisor read access in kernel mode
[ 27.386832] #PF: error_code(0x0000) - not-present page
[ 27.386844] PGD 0 P4D 0
[ 27.386855] Oops: 0000 [#1] PREEMPT SMP PTI
[ 27.386867] CPU: 0 PI...