From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: netfilter: xt_bpf: Fix XT_BPF_MODE_FD_PINNED mode of 'xt_bpf_info_v1' Date: Sat, 2 Dec 2017 18:48:50 +0000 Message-ID: <20171202184850.GQ21978@ZenIV.linux.org.uk> References: <20171201013304.GM21978@ZenIV.linux.org.uk> <20171201034859.GN21978@ZenIV.linux.org.uk> <20171201045439.GO21978@ZenIV.linux.org.uk> <20171201173941.GP21978@ZenIV.linux.org.uk> <7bbe72a8-dbbe-3343-765d-cc53eb40e0cd@iogearbox.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Kees Cook , Shmulik Ladkani , Willem de Bruijn , Pablo Neira Ayuso , Linus Torvalds , David Miller , LKML , Network Development , Christoph Hellwig , Thomas Garnier , Jann Horn To: Daniel Borkmann Return-path: Received: from zeniv.linux.org.uk ([195.92.253.2]:43454 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751806AbdLBStF (ORCPT ); Sat, 2 Dec 2017 13:49:05 -0500 Content-Disposition: inline In-Reply-To: <7bbe72a8-dbbe-3343-765d-cc53eb40e0cd@iogearbox.net> Sender: netdev-owner@vger.kernel.org List-ID: On Fri, Dec 01, 2017 at 09:47:00PM +0100, Daniel Borkmann wrote: > > Might want to replace security_path_mknod() with something saner, while we are > > at it. > > > > Objections? > > No, thanks for looking into this, and sorry for this fugly hack! :( Not > that this doesn't make it any better, but I think back then I took it > over from mqueue implementation ... should have known better and looking > into making this generic instead, sigh. The above looks good to me, so > no objections from my side and thanks for working on it! > > > PS: mqueue.c would also benefit from such primitive - do_create() there would > > simply pass attr as callback's argument into vfs_mkobj(), with callback being > > the guts of mqueue_create()... OK... See vfs.git#untested.mkobj; it really needs testing, though - mq_open(2) passes LTP tests, but that's not saying much, and BPF side is completely untested.