From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Jan Kara <jack@suse.cz>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, reiserfs-devel@vger.kernel.org,
haiyangz@microsoft.com, hjanssen@microsoft.com,
"'Rafael J. Wysocki'" <rjw@sisk.pl>,
James Morris <jmorris@namei.org>,
Jorge Bastos <mysql.jorge@decimal.pt>,
Mark Fasheh <mfasheh@suse.com>, Joel Becker <jlbec@evilplan.org>
Subject: Re: Reiserfs.c bug in 3.2-rc5
Date: Tue, 03 Jan 2012 10:25:55 -0500 [thread overview]
Message-ID: <1325604356.2095.23.camel@falcor> (raw)
In-Reply-To: <20120103123841.GA31457@quack.suse.cz>
On Tue, 2012-01-03 at 13:38 +0100, Jan Kara wrote:
> Hell,
>
> On Tue 03-01-12 09:31:22, Jorge Bastos wrote:
> > > Yes, thanks! So we see that reiserfs_security_init() returned bogus
> > > number 790797. This is caused by security_old_inode_init_security()
> > > either returning some bogus number or setting sec->length to
> > > something bogus. In any case it's some security module problem so
> > > I'm adding Mimi Zohar who did the changes in this code recently to
> > > CC. I'm also adding Rafael since this is a regression.
> > >
> > > Also I think he might use your kernel config so can you please send
> > > it?
> > > Thanks.
> >
> > Sure,
> > Please grab it here:
> >
> > http://neotrix.decimal.pt/bugs/config-3.2-rc7.txt
> >
> > Let me know when the fix gets commited git master.
> Thanks! So I've managed to reproduce the problem and I now understand
> what is the problem. Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
> security_old_inode_init_security() return 0 when CONFIG_SECURITY is not
> set. But that makes caller such as reiserfs_security_init() assume that
> security_old_inode_init_security() has set name, value, and len arguments
> properly (which is IMO correct assumption). But they were left
> uninitialized which makes things break in an interesting ways... The fix is
> below.
>
> Mimi, James, Linus, this patch fixes a regression from 3.1 and should make
> it to 3.2 if possible.
>
> Honza
Commit fb88c2b changed the security_old_inode_init_security() return
code for S_PRIVATE inodes. As long as -EOPNOTSUPP is expected, probably
should revert that as well.
(I'm cc'ing the ocfs2 maintainers.)
thanks,
Mimi
> ----
>
> From 5bcd17065fa27d5f27756e24a98331f796ff2481 Mon Sep 17 00:00:00 2001
> From: Jan Kara <jack@suse.cz>
> Date: Tue, 3 Jan 2012 13:14:29 +0100
> Subject: [PATCH] security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set
>
> Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
> security_old_inode_init_security() return 0 when CONFIG_SECURITY is not set.
> But that makes callers such as reiserfs_security_init() assume that
> security_old_inode_init_security() has set name, value, and len arguments
> properly. But security_old_inode_init_security() left them uninitialized
> which then results in interesting failures.
>
> Revert security_old_inode_init_security() to the old behavior of returning
> EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this just fine.
>
> Reported-by: Jorge Bastos <mysql.jorge@decimal.pt>
> CC: James Morris <jmorris@namei.org>
> CC: Mimi Zohar <zohar@us.ibm.com>
> Signed-off-by: Jan Kara <jack@suse.cz>
> ---
> include/linux/security.h | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 19d8e04..e8c619d 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -2056,7 +2056,7 @@ static inline int security_old_inode_init_security(struct inode *inode,
> char **name, void **value,
> size_t *len)
> {
> - return 0;
> + return -EOPNOTSUPP;
> }
>
> static inline int security_inode_create(struct inode *dir,
next prev parent reply other threads:[~2012-01-03 15:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-10 23:48 Reiserfs.c bug in 3.2-rc5 Jorge Bastos
2011-12-13 18:07 ` Jan Kara
2011-12-24 11:55 ` Jorge Bastos
2012-01-02 11:52 ` Jan Kara
[not found] ` <005301ccc998$201c9da0$6055d8e0$@jorge@decimal.pt>
2012-01-03 1:08 ` Jan Kara
[not found] ` <000701ccc9fa$74df73f0$5e9e5bd0$@jorge@decimal.pt>
2012-01-03 12:38 ` Jan Kara
2012-01-03 15:25 ` Mimi Zohar [this message]
2012-01-03 16:48 ` Linus Torvalds
2012-01-03 18:45 ` Mimi Zohar
2012-01-03 19:17 ` Linus Torvalds
2012-01-03 22:28 ` Mimi Zohar
2012-01-03 23:47 ` James Morris
2012-01-04 0:18 ` Linus Torvalds
2012-01-04 1:02 ` James Morris
2012-01-04 17:15 ` Jan Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1325604356.2095.23.camel@falcor \
--to=zohar@linux.vnet.ibm.com \
--cc=haiyangz@microsoft.com \
--cc=hjanssen@microsoft.com \
--cc=jack@suse.cz \
--cc=jlbec@evilplan.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mfasheh@suse.com \
--cc=mysql.jorge@decimal.pt \
--cc=reiserfs-devel@vger.kernel.org \
--cc=rjw@sisk.pl \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox