From: "Matthew N. Dodd" <Matthew.Dodd@sparta.com>
To: "David P. Quigley" <dpquigl@tycho.nsa.gov>
Cc: James Morris <jmorris@namei.org>,
hch@infradead.org, viro@zeniv.linux.org.uk,
casey@schaufler-ca.com, sds@tycho.nsa.gov,
trond.myklebust@fys.uio.no, bfields@fieldses.org,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov,
labeled-nfs@linux-nfs.org
Subject: Re: [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information.
Date: Fri, 12 Dec 2008 16:50:29 -0500 [thread overview]
Message-ID: <4942DCA5.60109@sparta.com> (raw)
In-Reply-To: <1228490712.15920.45.camel@moss-terrapins.epoch.ncsc.mil>
David P. Quigley wrote:
> On Fri, 2008-12-05 at 20:58 +1100, James Morris wrote:
>> On Wed, 26 Nov 2008, David P. Quigley wrote:
>>
>>> + * @inode_getsecctx:
>>> + * Returns a string containing all relavent security context information
>>> + *
>>> + * @inode we wish to set the security context of.
>>> + * @ctx is a pointer in which to place the allocated security context.
>>> + * @ctxlen points to the place to put the length of @ctx.
>>> * This is the main security structure.
>>> */
>>> struct security_operations {
>>> @@ -1479,6 +1514,10 @@ struct security_operations {
>>> int (*secctx_to_secid) (const char *secdata, u32 seclen, u32 *secid);
>>> void (*release_secctx) (char *secdata, u32 seclen);
>>>
>>> + int (*inode_notifysecctx)(struct inode *inode, void *ctx, u32 ctxlen);
>>> + int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen);
>>> + int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen);
>> For inode_getsecctx(), you're returning the length via the return value,
>> so you should not also need to pass in a pointer to ctxlen, right?
>>
>> IMHO, it's clearer and simpler to always only return error status from
>> these kinds of functions, and to pass things like size back via pointer
>> args, although it seems that a few mixed return functions have crept in to
>> the code over time. My preference would be to convert it to return value
>> is error status only, with the length entirely separate as a pointer arg.
>>
>>
>> - James
>
> I'll have to look into why we did it this way. The discussion for these
> patches happened many months ago so I don't remember why it was done
> this way. I remember at the time getting an approval for the approach
> but a desire not to merge the patch while there were no users of it.
I think it was a result of inode_getsecctx() being a wrapper for
selinux_inode_getsecurity() which returns a length.
next prev parent reply other threads:[~2008-12-12 21:57 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-26 21:03 [Labeled-nfs] [RFC v4] Security Label Support for NFSv4 David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 01/14] patch fix_use_before_init_in_nfsd4_list_rec_dir David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 02/14] VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 9:58 ` James Morris
2008-12-05 9:58 ` James Morris
2008-12-05 15:25 ` David P. Quigley
2008-12-05 15:25 ` David P. Quigley
2008-12-05 17:32 ` David P. Quigley
2008-12-05 17:32 ` David P. Quigley
2008-12-12 21:50 ` Matthew N. Dodd [this message]
2008-11-26 21:03 ` [PATCH 04/14] Security: Add hook to calculate context based on a negative dentry David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 05/14] Security: Add Hook to test if the particular xattr is part of a MAC model David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 06/14] SELinux: Add new labeling type native labels David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 07/14] KConfig: Add KConfig entries for Labeled NFS David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 08/14] NFSv4: Add label recommended attribute and NFSv4 flags David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 2:38 ` James Morris
2008-12-05 2:38 ` James Morris
2009-04-03 8:31 ` James Morris
2009-04-03 8:31 ` James Morris
2009-04-03 9:59 ` David P. Quigley
2009-04-03 9:59 ` David P. Quigley
2009-04-03 11:43 ` James Morris
2009-04-03 11:43 ` James Morris
2009-04-03 12:23 ` David P. Quigley
2009-04-03 12:23 ` David P. Quigley
2009-04-05 23:33 ` James Morris
2009-04-05 23:33 ` James Morris
2009-04-03 11:29 ` David P. Quigley
2009-04-03 11:29 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 09/14] NFS: Add security_label text mount option and handling code to NFS David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 4:47 ` James Morris
2008-12-05 4:47 ` James Morris
2008-12-12 21:43 ` [Labeled-nfs] " Matthew N. Dodd
2008-11-26 21:03 ` [PATCH 10/14] NFS: Introduce lifecycle management for label attribute David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 5:45 ` James Morris
2008-12-05 5:45 ` James Morris
2008-11-26 21:03 ` [PATCH 11/14] NFSv4: Introduce new label structure David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 12/14] NFS: Client implementation of Labeled-NFS David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 9:39 ` James Morris
2008-12-05 9:39 ` James Morris
2008-11-26 21:03 ` [PATCH 13/14] NFS: Extend NFS xattr handlers to accept the security namespace David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-11-26 21:03 ` [PATCH 14/14] NFSD: Server implementation of MAC Labeling David P. Quigley
2008-11-26 21:03 ` David P. Quigley
2008-12-05 10:00 ` James Morris
2008-12-05 10:00 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4942DCA5.60109@sparta.com \
--to=matthew.dodd@sparta.com \
--cc=bfields@fieldses.org \
--cc=casey@schaufler-ca.com \
--cc=dpquigl@tycho.nsa.gov \
--cc=hch@infradead.org \
--cc=jmorris@namei.org \
--cc=labeled-nfs@linux-nfs.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=trond.myklebust@fys.uio.no \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.