* Michael S. Tsirkin ([EMAIL PROTECTED]) wrote: > Quoting r. Chris Wright ([EMAIL PROTECTED]) "Re: [PATCH 1/5] compat_ioctl > call seems to miss a security hook": > > * Michael S. Tsirkin ([EMAIL PROTECTED]) wrote: > > > I'm all for it, but the way the patch below works, we could end up > > > calling ->ioctl or ->unlocked_ioctl from the compat > > > syscall, and we dont want that. > > > > Hmm, I didn't actually change how those are called. So if it's an issue, > > then I don't think this patch introduces it. > > Sorry, you are right, we go to do_ioctl only if there are no > callbacks.
I suppose there is one case (not introduced by the patch). Not sure if it's even a problem though: t->cmd matches, yet NULL t->handler. This will fall-thru to the do_ioctl: case. I assume NULL handler is for case where no conversion is needed, so it's not a problem? At least some callers of register_ioctl32_conversion() pass NULL handler. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
