Stephen Smalley wrote:
On Tue, 2007-08-07 at 16:11 +0800, Cliffe wrote:
...
Don't confuse kernel stack limitation with the ability to dynamically
allocate memory in the kernel.
How large is your policy? I'm guessing that SELinux reference policy is
larger, e.g. from /proc/slabinfo:
#
On Tue, 7 Aug 2007, Serge E. Hallyn wrote:
> Yeah, I did that in v1, but didn't want to add two new security_ hooks.
> But I'll send a v4 doing that.
Yep, add what's actually needed.
Continually having to jump through all of these hoops for LSM has gone
beyond ridiculous.
- James
--
James
Quoting Trond Myklebust ([EMAIL PROTECTED]):
> On Tue, 2007-08-07 at 17:17 -0500, Serge E. Hallyn wrote:
>
> > diff --git a/fs/splice.c b/fs/splice.c
> > index e36c003..2df95f3 100644
> > --- a/fs/splice.c
> > +++ b/fs/splice.c
> > @@ -827,6 +827,12 @@ generic_file_splice_write(struct pipe_inode_i
On Tue, 2007-08-07 at 17:17 -0500, Serge E. Hallyn wrote:
> diff --git a/fs/splice.c b/fs/splice.c
> index e36c003..2df95f3 100644
> --- a/fs/splice.c
> +++ b/fs/splice.c
> @@ -827,6 +827,12 @@ generic_file_splice_write(struct pipe_inode_info *pipe,
> struct file *out,
> ssize_t ret;
>
>From 905b8352d5b2373666b4e18d4d9ffa41049e0a0a Mon Sep 17 00:00:00 2001
From: Serge E. Hallyn <[EMAIL PROTECTED]>
Date: Tue, 7 Aug 2007 11:40:41 -0400
Subject: file capabilities: clear fcaps on inode change (v3)
When a file with posix capabilities is overwritten, the
file capabilities, like a setu
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> On Sun, 2007-08-05 at 17:03 -0700, Casey Schaufler wrote:
> > From: Casey Schaufler <[EMAIL PROTECTED]>
> >
> > This patch interposes LSM interfaces between the audit system
> > and SELinux. This helps make SELinux a cleaner LSM and clarifies
> >
Quoting James Morris ([EMAIL PROTECTED]):
> On Tue, 7 Aug 2007, Serge E. Hallyn wrote:
>
> > Shall I resend without the LSM_NEED_LOCK, or do you still want a more
> > fundamental change?
>
>
> Removing the needlock is enough, the rest was just a query/suggestion.
Ok - I'll explictly lock the i_
On Sun, 2007-08-05 at 17:03 -0700, Casey Schaufler wrote:
> From: Casey Schaufler <[EMAIL PROTECTED]>
>
> This patch interposes LSM interfaces between the audit system
> and SELinux. This helps make SELinux a cleaner LSM and clarifies
> the interfaces provided by the audit system. The audit system
On Tue, 7 Aug 2007, Serge E. Hallyn wrote:
> Shall I resend without the LSM_NEED_LOCK, or do you still want a more
> fundamental change?
Removing the needlock is enough, the rest was just a query/suggestion.
--
James Morris
<[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "u
On Tue, 2007-08-07 at 16:11 +0800, Cliffe wrote:
> G’day,
>
> I would really appreciate some advice.
>
> I realise the kernel has a small stack, and I imagine this will have a
> greater impact on my LSM design than I originally thought. I would
> really appreciate some input.
>
> My LSM has a
On Mon, 6 Aug 2007, Serge E. Hallyn wrote:
> +struct vfs_cap_data_v2 {
> + __u32 magic_etc; /* Little endian */
> + struct {
> + __u32 permitted_lo;/* Little endian */
> + __u32 permitted_hi;/* Little endian */
> + __u32 inheritable_lo; /* Litt
Quoting Stephen Smalley ([EMAIL PROTECTED]):
> On Mon, 2007-08-06 at 13:52 -0500, Serge E. Hallyn wrote:
> > >From 1376764cbb54243f088cf00c39000c4f4418f461 Mon Sep 17 00:00:00 2001
> > From: Serge E. Hallyn <[EMAIL PROTECTED]>
> > Date: Mon, 6 Aug 2007 14:20:06 -0400
> > Subject: [PATCH 1/1] file c
Quoting James Morris ([EMAIL PROTECTED]):
> On Mon, 6 Aug 2007, Serge E. Hallyn wrote:
>
> > + err = security_inode_killpriv(out->f_path.dentry, LSM_NEED_LOCK);
> > + if (err)
> > + return err;
> > +
> > err = should_remove_suid(out->f_path.dentry);
> > if (unlikely(err)) {
>
On Mon, 2007-08-06 at 13:52 -0500, Serge E. Hallyn wrote:
> >From 1376764cbb54243f088cf00c39000c4f4418f461 Mon Sep 17 00:00:00 2001
> From: Serge E. Hallyn <[EMAIL PROTECTED]>
> Date: Mon, 6 Aug 2007 14:20:06 -0400
> Subject: [PATCH 1/1] file capabilities: clear fcaps on inode change (v2)
>
> When
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Serge E. Hallyn wrote:
> >> So far as I can see there are two types of issue:
> >>
> >> - a new capability comes along - it is needed to run an app
> >
> > As an example, CAP_AUDIT_WRITE and CAP_AUDI
On Mon, 6 Aug 2007, Serge E. Hallyn wrote:
> + err = security_inode_killpriv(out->f_path.dentry, LSM_NEED_LOCK);
> + if (err)
> + return err;
> +
> err = should_remove_suid(out->f_path.dentry);
> if (unlikely(err)) {
> mutex_lock(&inode->i_mutex);
It
G’day,
I would really appreciate some advice.
I realise the kernel has a small stack, and I imagine this will have a
greater impact on my LSM design than I originally thought. I would
really appreciate some input.
My LSM has a hierarchical policy structure which is made up of a
(relatively)
17 matches
Mail list logo