From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Jan Kara <jack@suse.cz>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, reiserfs-devel@vger.kernel.org,
haiyangz@microsoft.com, hjanssen@microsoft.com,
"'Rafael J. Wysocki'" <rjw@sisk.pl>,
James Morris <jmorris@namei.org>,
Jorge Bastos <mysql.jorge@decimal.pt>,
Mark Fasheh <mfasheh@suse.com>, Joel Becker <jlbec@evilplan.org>
Subject: Re: Reiserfs.c bug in 3.2-rc5
Date: Tue, 03 Jan 2012 10:25:55 -0500 [thread overview]
Message-ID: <1325604356.2095.23.camel@falcor> (raw)
In-Reply-To: <20120103123841.GA31457@quack.suse.cz>
On Tue, 2012-01-03 at 13:38 +0100, Jan Kara wrote:
> Hell,
>
> On Tue 03-01-12 09:31:22, Jorge Bastos wrote:
> > > Yes, thanks! So we see that reiserfs_security_init() returned bogus
> > > number 790797. This is caused by security_old_inode_init_security()
> > > either returning some bogus number or setting sec->length to
> > > something bogus. In any case it's some security module problem so
> > > I'm adding Mimi Zohar who did the changes in this code recently to
> > > CC. I'm also adding Rafael since this is a regression.
> > >
> > > Also I think he might use your kernel config so can you please send
> > > it?
> > > Thanks.
> >
> > Sure,
> > Please grab it here:
> >
> > http://neotrix.decimal.pt/bugs/config-3.2-rc7.txt
> >
> > Let me know when the fix gets commited git master.
> Thanks! So I've managed to reproduce the problem and I now understand
> what is the problem. Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
> security_old_inode_init_security() return 0 when CONFIG_SECURITY is not
> set. But that makes caller such as reiserfs_security_init() assume that
> security_old_inode_init_security() has set name, value, and len arguments
> properly (which is IMO correct assumption). But they were left
> uninitialized which makes things break in an interesting ways... The fix is
> below.
>
> Mimi, James, Linus, this patch fixes a regression from 3.1 and should make
> it to 3.2 if possible.
>
> Honza
Commit fb88c2b changed the security_old_inode_init_security() return
code for S_PRIVATE inodes. As long as -EOPNOTSUPP is expected, probably
should revert that as well.
(I'm cc'ing the ocfs2 maintainers.)
thanks,
Mimi
> ----
>
> From 5bcd17065fa27d5f27756e24a98331f796ff2481 Mon Sep 17 00:00:00 2001
> From: Jan Kara <jack@suse.cz>
> Date: Tue, 3 Jan 2012 13:14:29 +0100
> Subject: [PATCH] security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set
>
> Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
> security_old_inode_init_security() return 0 when CONFIG_SECURITY is not set.
> But that makes callers such as reiserfs_security_init() assume that
> security_old_inode_init_security() has set name, value, and len arguments
> properly. But security_old_inode_init_security() left them uninitialized
> which then results in interesting failures.
>
> Revert security_old_inode_init_security() to the old behavior of returning
> EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this just fine.
>
> Reported-by: Jorge Bastos <mysql.jorge@decimal.pt>
> CC: James Morris <jmorris@namei.org>
> CC: Mimi Zohar <zohar@us.ibm.com>
> Signed-off-by: Jan Kara <jack@suse.cz>
> ---
> include/linux/security.h | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 19d8e04..e8c619d 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode,
> char **name, void **value,
> size_t *len)
> {
> - return 0;
> + return -EOPNOTSUPP;
> }
>
> static inline int security_inode_create(struct inode *dir,
next prev parent reply other threads:[~2012-01-03 15:25 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-10 23:48 Reiserfs.c bug in 3.2-rc5 Jorge Bastos
2011-12-13 18:07 ` Jan Kara
2011-12-24 11:55 ` Jorge Bastos
2011-12-24 11:55 ` Jorge Bastos
2012-01-02 11:52 ` Jan Kara
2012-01-02 11:52 ` Jan Kara
[not found] ` <005301ccc998$201c9da0$6055d8e0$@jorge@decimal.pt>
2012-01-03 1:08 ` Jan Kara
[not found] ` <000701ccc9fa$74df73f0$5e9e5bd0$@jorge@decimal.pt>
2012-01-03 12:38 ` Jan Kara
2012-01-03 12:38 ` Jan Kara
2012-01-03 15:25 ` Mimi Zohar [this message]
2012-01-03 16:48 ` Linus Torvalds
2012-01-03 18:45 ` Mimi Zohar
2012-01-03 19:17 ` Linus Torvalds
2012-01-03 22:28 ` Mimi Zohar
2012-01-03 23:47 ` James Morris
2012-01-04 0:18 ` Linus Torvalds
2012-01-04 1:02 ` James Morris
2012-01-04 17:15 ` Jan Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1325604356.2095.23.camel@falcor \
--to=zohar@linux.vnet.ibm.com \
--cc=haiyangz@microsoft.com \
--cc=hjanssen@microsoft.com \
--cc=jack@suse.cz \
--cc=jlbec@evilplan.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mfasheh@suse.com \
--cc=mysql.jorge@decimal.pt \
--cc=reiserfs-devel@vger.kernel.org \
--cc=rjw@sisk.pl \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.