Re: [apparmor] [PATCH v2] apparmor: enable raw text policy
On Fri, Sep 03, 2021 at 06:31:49PM -0300, Georgia Garcia wrote:
> +static const struct file_operations rawtext_fops = {
> + .open = rawdata_open,
> + .read = rawtext_read,
> + .llseek = generic_file_llseek,
> + .release = rawdata_release,
> +};
Hey Georgia, I'm curious if the rawdata_open and rawdata_release here are
correct. If they are correct, is there any problem if the same process
opens both the raw_text and the raw_data files? Is there any problem if
two or more processes open both raw_text and raw_data?
Thanks
signature.asc
Description: PGP signature
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Re: [apparmor] [PATCH v2] apparmor: enable raw text policy
On Sat, 2021-09-04 at 02:07 +, Seth Arnold wrote:
> On Fri, Sep 03, 2021 at 06:31:49PM -0300, Georgia Garcia wrote:
> > +static const struct file_operations rawtext_fops = {
> > + .open = rawdata_open,
> > + .read = rawtext_read,
> > + .llseek = generic_file_llseek,
> > + .release = rawdata_release,
> > +};
>
> Hey Georgia, I'm curious if the rawdata_open and rawdata_release here are
> correct. If they are correct, is there any problem if the same process
> opens both the raw_text and the raw_data files? Is there any problem if
> two or more processes open both raw_text and raw_data?
>
> Thanks
Hi Seth,
When rawdata_open is called, we increase the refcount for loaddata and
decrease it for rawdata_release. The result of the decompression is
stored into a new variable (private), and not loaddata directly.
So when there's a call for raw_data and raw_text by the same process,
the refcount will be increased twice and loaddata will be decompressed
twice having the result in two different private variables. That
applies for two or more processes as well.
Just to be sure, I tested these scenarios and it worked as expected.
I'm not sure if that's the issues you were concerned about and if I
made myself clear, so please let me know. I could be missing something
too :)
Thanks,
Georgia
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Re: [apparmor] [PATCH v2] apparmor: enable raw text policy
On Wed, Sep 08, 2021 at 11:43:27AM -0300, Georgia Garcia wrote: > So when there's a call for raw_data and raw_text by the same process, > the refcount will be increased twice and loaddata will be decompressed > twice having the result in two different private variables. That > applies for two or more processes as well. > > Just to be sure, I tested these scenarios and it worked as expected. > > I'm not sure if that's the issues you were concerned about and if I > made myself clear, so please let me know. I could be missing something > too :) Excellent, those were indeed the cases I was worried about -- thanks for double-checking. (Maybe hold on to those tests so that we can stick them into our test suite once this is integrated.) Thanks signature.asc Description: PGP signature -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
