From: David Howells <dhowells@redhat.com>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: dhowells@redhat.com, viro@ZenIV.linux.org.uk,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
hch@infradead.org, torvalds@linux-foundation.org,
mszeredi@suse.cz
Subject: Re: [PATCH 00/16] vfs: atomic open v4 (part 1)
Date: Thu, 24 May 2012 16:07:26 +0100 [thread overview]
Message-ID: <6422.1337872046@redhat.com> (raw)
In-Reply-To: <1335357857-16416-1-git-send-email-miklos@szeredi.hu>
I've been looking at your patches when they're all applied, and I suspect
you're missing some security calls.
For instance, in lookup_open(), you call security_path_mknod() prior to
calling vfs_create(), but you don't call it prior to calling atomic_open() or
in, say, nfs_atomic_open(). You do need to, however, though I can see it's
difficult to work out where. Is it possible to call it if O_CREAT is
specified and d_inode is NULL right before calling atomic_open()?
I'm also wondering if you're missing an audit_inode() call in the if (created)
path after the retry_lookup label.
David
next prev parent reply other threads:[~2012-05-24 15:08 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-25 12:44 [PATCH 00/16] vfs: atomic open v4 (part 1) Miklos Szeredi
2012-04-25 12:44 ` [PATCH 01/16] vfs: split do_lookup() Miklos Szeredi
2012-04-25 12:44 ` [PATCH 02/16] vfs: do_last(): make exit RCU safe Miklos Szeredi
2012-04-25 12:44 ` [PATCH 03/16] vfs: do_last(): inline walk_component() Miklos Szeredi
2012-04-25 12:44 ` [PATCH 04/16] vfs: do_last(): use inode variable Miklos Szeredi
2012-05-01 4:06 ` Nick Piggin
2012-05-07 14:28 ` Miklos Szeredi
2012-05-08 23:57 ` Nick Piggin
2012-05-08 23:57 ` Nick Piggin
2012-04-25 12:44 ` [PATCH 05/16] vfs: make follow_link check RCU safe Miklos Szeredi
2012-04-25 12:44 ` [PATCH 06/16] vfs: do_last(): make ENOENT exit " Miklos Szeredi
2012-04-25 12:44 ` [PATCH 07/16] vfs: do_last(): check LOOKUP_DIRECTORY Miklos Szeredi
2012-04-25 12:44 ` [PATCH 08/16] vfs: do_last(): only return EISDIR for O_CREAT Miklos Szeredi
2012-04-25 12:44 ` [PATCH 09/16] vfs: do_last(): add audit_inode before open Miklos Szeredi
2012-04-25 12:44 ` [PATCH 10/16] vfs: do_last() common post lookup Miklos Szeredi
2012-04-25 12:44 ` [PATCH 11/16] vfs: split __dentry_open() Miklos Szeredi
2012-04-25 12:44 ` [PATCH 12/16] vfs: do_dentry_open(): don't put filp Miklos Szeredi
2012-04-25 12:44 ` [PATCH 13/16] vfs: nameidata_to_filp(): inline __dentry_open() Miklos Szeredi
2012-04-25 12:44 ` [PATCH 14/16] vfs: nameidata_to_filp(): don't throw away file on error Miklos Szeredi
2012-04-25 12:44 ` [PATCH 15/16] vfs: retry last component if opening stale dentry Miklos Szeredi
2012-04-25 12:44 ` [PATCH 16/16] nfs: don't open in ->d_revalidate Miklos Szeredi
2012-05-24 15:07 ` David Howells [this message]
2012-05-24 15:52 ` [PATCH 00/16] vfs: atomic open v4 (part 1) David Howells
2012-05-25 15:12 ` Miklos Szeredi
2012-05-25 15:20 ` David Howells
2012-05-25 14:58 ` Miklos Szeredi
2012-05-25 15:18 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6422.1337872046@redhat.com \
--to=dhowells@redhat.com \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=mszeredi@suse.cz \
--cc=torvalds@linux-foundation.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.